[glib-networking/mcatanzaro/tls-thread] progress
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/mcatanzaro/tls-thread] progress
- Date: Mon, 30 Dec 2019 18:57:01 +0000 (UTC)
commit 7f761150376d5166eeb9d015a6bc770c4051ef42
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Mon Dec 30 12:54:08 2019 -0600
progress
tls/base/gtlsconnection-base.c | 111 +++++------
tls/base/gtlsconnection-base.h | 9 -
tls/base/gtlsoperationsthread-base.c | 50 ++---
tls/base/gtlsoperationsthread-base.h | 300 +++++++++++++++--------------
tls/gnutls/gtlsoperationsthread-gnutls.c | 104 ++++++----
tls/openssl/gtlsconnection-openssl.c | 2 +-
tls/openssl/gtlsoperationsthread-openssl.c | 46 ++---
7 files changed, 314 insertions(+), 308 deletions(-)
---
diff --git a/tls/base/gtlsconnection-base.c b/tls/base/gtlsconnection-base.c
index 387bc13..3fbe3fb 100644
--- a/tls/base/gtlsconnection-base.c
+++ b/tls/base/gtlsconnection-base.c
@@ -495,21 +495,19 @@ op_to_string (GTlsConnectionBaseOp op)
}
static const gchar *
-status_to_string (GTlsConnectionBaseStatus st)
+status_to_string (GTlsOperationStatus status)
{
- switch (st)
+ switch (status)
{
- case G_TLS_CONNECTION_BASE_OK:
- return "BASE_OK";
- case G_TLS_CONNECTION_BASE_WOULD_BLOCK:
+ case G_TLS_OPERATION_SUCCESS:
+ return "SUCCESS";
+ case G_TLS_OPERATION_WOULD_BLOCK:
return "WOULD_BLOCK";
- case G_TLS_CONNECTION_BASE_TIMED_OUT:
+ case G_TLS_OPERATION_TIMED_OUT:
return "TIMED_OUT";
- case G_TLS_CONNECTION_BASE_REHANDSHAKE:
- return "REHANDSHAKE";
- case G_TLS_CONNECTION_BASE_TRY_AGAIN:
+ case G_TLS_OPERATION_TRY_AGAIN:
return "TRY_AGAIN";
- case G_TLS_CONNECTION_BASE_ERROR:
+ case G_TLS_OPERATION_ERROR:
return "ERROR";
}
g_assert_not_reached ();
@@ -720,9 +718,9 @@ claim_op (GTlsConnectionBase *tls,
}
static void
-yield_op (GTlsConnectionBase *tls,
- GTlsConnectionBaseOp op,
- GTlsConnectionBaseStatus status)
+yield_op (GTlsConnectionBase *tls,
+ GTlsConnectionBaseOp op,
+ GTlsOperationStatus status)
{
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
@@ -732,8 +730,6 @@ yield_op (GTlsConnectionBase *tls,
if (op == G_TLS_CONNECTION_BASE_OP_HANDSHAKE)
priv->handshaking = FALSE;
- else if (status == G_TLS_CONNECTION_BASE_REHANDSHAKE && !priv->handshaking)
- priv->need_handshake = TRUE;
if (op == G_TLS_CONNECTION_BASE_OP_CLOSE_BOTH ||
op == G_TLS_CONNECTION_BASE_OP_CLOSE_READ)
@@ -1394,8 +1390,7 @@ g_tls_connection_base_handshake (GTlsConnection *conn,
/* If we already have an error, ignore further errors. */
success = finish_handshake (tls, success, my_error ? NULL : &my_error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE,
- G_TLS_CONNECTION_BASE_OK);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE, G_TLS_OPERATION_SUCCESS);
if (my_error)
g_propagate_error (error, my_error);
@@ -1493,8 +1488,7 @@ async_handshake_thread (GTask *task,
priv->handshaking = FALSE;
g_mutex_unlock (&priv->op_mutex);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE,
- G_TLS_CONNECTION_BASE_OK);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE, G_TLS_OPERATION_SUCCESS);
if (error)
g_task_return_error (task, error);
@@ -1613,8 +1607,7 @@ do_sync_implicit_handshake (GTlsConnectionBase *tls,
success = finish_handshake (tls, success,
my_error ? NULL : &my_error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE,
- G_TLS_CONNECTION_BASE_OK);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_HANDSHAKE, G_TLS_OPERATION_SUCCESS);
g_mutex_lock (&priv->op_mutex);
@@ -1644,24 +1637,20 @@ g_tls_connection_base_read (GTlsConnectionBase *tls,
GError **error)
{
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize nread;
g_tls_log_debug (tls, "starting to read data from TLS connection");
- do
- {
- if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_READ,
- timeout, cancellable, error))
- return -1;
+ if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_READ,
+ timeout, cancellable, error))
+ return -1;
- status = g_tls_operations_thread_base_read (priv->thread, buffer, size, timeout, &nread, cancellable,
error);
+ status = g_tls_operations_thread_base_read (priv->thread, buffer, size, timeout, &nread, cancellable,
error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_READ, status);
- }
- while (status == G_TLS_CONNECTION_BASE_REHANDSHAKE);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_READ, status);
- if (status == G_TLS_CONNECTION_BASE_OK)
+ if (status == G_TLS_OPERATION_SUCCESS)
{
g_tls_log_debug (tls, "successfully read %" G_GSSIZE_FORMAT " bytes from TLS connection", nread);
return nread;
@@ -1680,21 +1669,19 @@ g_tls_connection_base_read_message (GTlsConnectionBase *tls,
GError **error)
{
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize nread;
g_tls_log_debug (tls, "starting to read messages from TLS connection");
- do {
- if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_READ,
- timeout, cancellable, error))
- return -1;
+ if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_READ,
+ timeout, cancellable, error))
+ return -1;
- status = g_tls_operations_thread_base_read_message (priv->thread, vectors, num_vectors, timeout, &nread,
cancellable, error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_READ, status);
- } while (status == G_TLS_CONNECTION_BASE_REHANDSHAKE);
+ status = g_tls_operations_thread_base_read_message (priv->thread, vectors, num_vectors, timeout, &nread,
cancellable, error);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_READ, status);
- if (status == G_TLS_CONNECTION_BASE_OK)
+ if (status == G_TLS_OPERATION_SUCCESS)
{
g_tls_log_debug (tls, "successfully read %" G_GSSIZE_FORMAT " bytes from TLS connection", nread);
return nread;
@@ -1788,23 +1775,19 @@ g_tls_connection_base_write (GTlsConnectionBase *tls,
GError **error)
{
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize nwrote;
g_tls_log_debug (tls, "starting to write %" G_GSIZE_FORMAT " bytes to TLS connection", size);
- do
- {
- if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE,
- timeout, cancellable, error))
- return -1;
+ if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE,
+ timeout, cancellable, error))
+ return -1;
- status = g_tls_operations_thread_base_write (priv->thread, buffer, size, timeout, &nwrote,
cancellable, error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE, status);
- }
- while (status == G_TLS_CONNECTION_BASE_REHANDSHAKE);
+ status = g_tls_operations_thread_base_write (priv->thread, buffer, size, timeout, &nwrote, cancellable,
error);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE, status);
- if (status == G_TLS_CONNECTION_BASE_OK)
+ if (status == G_TLS_OPERATION_SUCCESS)
{
g_tls_log_debug (tls, "successfully write %" G_GSSIZE_FORMAT " bytes to TLS connection", nwrote);
return nwrote;
@@ -1823,22 +1806,20 @@ g_tls_connection_base_write_message (GTlsConnectionBase *tls,
GError **error)
{
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize nwrote;
g_tls_log_debug (tls, "starting to write messages to TLS connection");
- do {
- if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE,
- timeout, cancellable, error))
- return -1;
+ if (!claim_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE,
+ timeout, cancellable, error))
+ return -1;
- status = g_tls_operations_thread_base_write_message (priv->thread, vectors, num_vectors, timeout,
&nwrote, cancellable, error);
+ status = g_tls_operations_thread_base_write_message (priv->thread, vectors, num_vectors, timeout, &nwrote,
cancellable, error);
- yield_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE, status);
- } while (status == G_TLS_CONNECTION_BASE_REHANDSHAKE);
+ yield_op (tls, G_TLS_CONNECTION_BASE_OP_WRITE, status);
- if (status == G_TLS_CONNECTION_BASE_OK)
+ if (status == G_TLS_OPERATION_SUCCESS)
{
g_tls_log_debug (tls, "successfully write %" G_GSSIZE_FORMAT " bytes to TLS connection", nwrote);
return nwrote;
@@ -1939,7 +1920,7 @@ g_tls_connection_base_close_internal (GIOStream *stream,
GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (stream);
GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
GTlsConnectionBaseOp op;
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gboolean success = TRUE;
GError *close_error = NULL, *stream_error = NULL;
@@ -1971,7 +1952,7 @@ g_tls_connection_base_close_internal (GIOStream *stream,
priv->write_closed = TRUE;
}
else
- status = G_TLS_CONNECTION_BASE_OK;
+ status = G_TLS_OPERATION_SUCCESS;
if (!priv->read_closed && direction & G_TLS_DIRECTION_READ)
priv->read_closed = TRUE;
@@ -2006,7 +1987,7 @@ g_tls_connection_base_close_internal (GIOStream *stream,
yield_op (tls, op, status);
/* Propagate errors. */
- if (status != G_TLS_CONNECTION_BASE_OK)
+ if (status != G_TLS_OPERATION_SUCCESS)
{
g_tls_log_debug (tls, "error closing TLS connection: %s", close_error->message);
g_propagate_error (error, close_error);
@@ -2023,7 +2004,7 @@ g_tls_connection_base_close_internal (GIOStream *stream,
g_tls_log_debug (tls, "the TLS connection has been closed successfully");
}
- return success && status == G_TLS_CONNECTION_BASE_OK;
+ return success && status == G_TLS_OPERATION_SUCCESS;
}
static gboolean
diff --git a/tls/base/gtlsconnection-base.h b/tls/base/gtlsconnection-base.h
index 9a8501c..6f6a907 100644
--- a/tls/base/gtlsconnection-base.h
+++ b/tls/base/gtlsconnection-base.h
@@ -33,15 +33,6 @@ G_BEGIN_DECLS
G_DECLARE_DERIVABLE_TYPE (GTlsConnectionBase, g_tls_connection_base, G, TLS_CONNECTION_BASE, GTlsConnection)
-typedef enum {
- G_TLS_CONNECTION_BASE_OK,
- G_TLS_CONNECTION_BASE_WOULD_BLOCK,
- G_TLS_CONNECTION_BASE_TIMED_OUT,
- G_TLS_CONNECTION_BASE_REHANDSHAKE,
- G_TLS_CONNECTION_BASE_TRY_AGAIN,
- G_TLS_CONNECTION_BASE_ERROR,
-} GTlsConnectionBaseStatus; /* FIXME: move? rename? GTlsOperationsThreadBaseStatus? */
-
typedef enum {
G_TLS_DIRECTION_NONE = 0,
G_TLS_DIRECTION_READ = 1 << 0,
diff --git a/tls/base/gtlsoperationsthread-base.c b/tls/base/gtlsoperationsthread-base.c
index 66f46ba..ae883da 100644
--- a/tls/base/gtlsoperationsthread-base.c
+++ b/tls/base/gtlsoperationsthread-base.c
@@ -152,7 +152,7 @@ typedef struct {
GCancellable *cancellable;
/* Op output */
- GTlsConnectionBaseStatus result;
+ GTlsOperationStatus result;
gssize count; /* Bytes read or written */
GError *error;
@@ -261,7 +261,7 @@ g_tls_operations_thread_base_request_certificate (GTlsOperationsThreadBase *sel
}
void
-g_tls_operations_thread_base_set_is_missing_requested_client_certificate (GTlsOperationsThreadBase *self)
+g_tls_operations_thread_base_set_missing_requested_client_certificate (GTlsOperationsThreadBase *self)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
@@ -348,7 +348,7 @@ g_tls_operations_thread_base_push_io (GTlsOperationsThreadBase *self,
}
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_base_real_pop_io (GTlsOperationsThreadBase *self,
GIOCondition direction,
gboolean success,
@@ -360,19 +360,19 @@ g_tls_operations_thread_base_real_pop_io (GTlsOperationsThreadBase *self,
if (success)
{
g_assert (!op_error);
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
if (g_error_matches (op_error, G_IO_ERROR, G_IO_ERROR_WOULD_BLOCK))
{
g_propagate_error (error, op_error);
- return G_TLS_CONNECTION_BASE_WOULD_BLOCK;
+ return G_TLS_OPERATION_WOULD_BLOCK;
}
if (g_error_matches (op_error, G_IO_ERROR, G_IO_ERROR_TIMED_OUT))
{
g_propagate_error (error, op_error);
- return G_TLS_CONNECTION_BASE_TIMED_OUT;
+ return G_TLS_OPERATION_TIMED_OUT;
}
if (get_is_missing_requested_client_certificate (self) &&
@@ -412,10 +412,10 @@ g_tls_operations_thread_base_real_pop_io (GTlsOperationsThreadBase *self,
g_propagate_error (error, op_error);
}
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_pop_io (GTlsOperationsThreadBase *self,
GIOCondition direction,
gboolean success,
@@ -714,14 +714,14 @@ wait_for_op_completion (GTlsThreadOperation *op)
g_mutex_unlock (&op->finished_mutex);
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
execute_op (GTlsOperationsThreadBase *self,
GTlsThreadOperation *op,
gssize *count,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus result;
+ GTlsOperationStatus result;
g_async_queue_push (priv->queue, op);
g_main_context_wakeup (priv->op_thread_context);
@@ -864,7 +864,7 @@ g_tls_operations_thread_base_verify_certificate (GTlsOperationsThreadBase *self,
return accepted;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_handshake (GTlsOperationsThreadBase *self,
GTlsCertificate *own_certificate,
const gchar **advertised_protocols,
@@ -879,7 +879,7 @@ g_tls_operations_thread_base_handshake (GTlsOperationsThreadBase *self,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
GTlsCertificate *copied_cert;
HandshakeContext *context;
@@ -920,7 +920,7 @@ g_tls_operations_thread_base_handshake (GTlsOperationsThreadBase *self,
return status;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_read (GTlsOperationsThreadBase *self,
void *buffer,
gsize size,
@@ -930,7 +930,7 @@ g_tls_operations_thread_base_read (GTlsOperationsThreadBase *self,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
g_assert (!g_main_context_is_owner (priv->op_thread_context));
@@ -946,7 +946,7 @@ g_tls_operations_thread_base_read (GTlsOperationsThreadBase *self,
return status;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_read_message (GTlsOperationsThreadBase *self,
GInputVector *vectors,
guint num_vectors,
@@ -956,7 +956,7 @@ g_tls_operations_thread_base_read_message (GTlsOperationsThreadBase *self,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
g_assert (!g_main_context_is_owner (priv->op_thread_context));
@@ -972,7 +972,7 @@ g_tls_operations_thread_base_read_message (GTlsOperationsThreadBase *self,
return status;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_write (GTlsOperationsThreadBase *self,
const void *buffer,
gsize size,
@@ -982,7 +982,7 @@ g_tls_operations_thread_base_write (GTlsOperationsThreadBase *self,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
g_assert (!g_main_context_is_owner (priv->op_thread_context));
@@ -998,7 +998,7 @@ g_tls_operations_thread_base_write (GTlsOperationsThreadBase *self,
return status;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_write_message (GTlsOperationsThreadBase *self,
GOutputVector *vectors,
guint num_vectors,
@@ -1008,7 +1008,7 @@ g_tls_operations_thread_base_write_message (GTlsOperationsThreadBase *self,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
g_assert (!g_main_context_is_owner (priv->op_thread_context));
@@ -1024,13 +1024,13 @@ g_tls_operations_thread_base_write_message (GTlsOperationsThreadBase *self,
return status;
}
-GTlsConnectionBaseStatus
+GTlsOperationStatus
g_tls_operations_thread_base_close (GTlsOperationsThreadBase *self,
GCancellable *cancellable,
GError **error)
{
GTlsOperationsThreadBasePrivate *priv = g_tls_operations_thread_base_get_instance_private (self);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GTlsThreadOperation *op;
g_assert (!g_main_context_is_owner (priv->op_thread_context));
@@ -1333,7 +1333,7 @@ process_op (GAsyncQueue *queue,
}
/* Spurious wakeup. Try again later. */
- op->result = G_TLS_CONNECTION_BASE_WOULD_BLOCK;
+ op->result = G_TLS_OPERATION_WOULD_BLOCK;
goto wait;
}
}
@@ -1425,11 +1425,11 @@ process_op (GAsyncQueue *queue,
g_assert_not_reached ();
}
- if (op->result == G_TLS_CONNECTION_BASE_OK && performed_posthandshake_op)
+ if (op->result == G_TLS_OPERATION_SUCCESS && performed_posthandshake_op)
set_performed_successful_posthandshake_op (op->thread);
wait:
- if (op->result == G_TLS_CONNECTION_BASE_WOULD_BLOCK &&
+ if (op->result == G_TLS_OPERATION_WOULD_BLOCK &&
op->timeout != 0)
{
GSource *tls_source;
diff --git a/tls/base/gtlsoperationsthread-base.h b/tls/base/gtlsoperationsthread-base.h
index 3eea680..da7d7b8 100644
--- a/tls/base/gtlsoperationsthread-base.h
+++ b/tls/base/gtlsoperationsthread-base.h
@@ -34,72 +34,80 @@ G_BEGIN_DECLS
G_DECLARE_DERIVABLE_TYPE (GTlsOperationsThreadBase, g_tls_operations_thread_base, G,
TLS_OPERATIONS_THREAD_BASE, GObject)
+typedef enum {
+ G_TLS_OPERATION_SUCCESS,
+ G_TLS_OPERATION_WOULD_BLOCK,
+ G_TLS_OPERATION_TIMED_OUT,
+ G_TLS_OPERATION_TRY_AGAIN,
+ G_TLS_OPERATION_ERROR,
+} GTlsOperationStatus;
+
typedef struct _HandshakeContext HandshakeContext;
struct _GTlsOperationsThreadBaseClass
{
GObjectClass parent_class;
- GTlsCertificate *(*copy_certificate) (GTlsOperationsThreadBase *self,
- GTlsCertificate *cert);
-
- void (*copy_client_session_state) (GTlsOperationsThreadBase *self,
- GTlsOperationsThreadBase *source);
-
- void (*set_server_identity) (GTlsOperationsThreadBase *self,
- const gchar *server_identity);
-
- void (*push_io) (GTlsOperationsThreadBase *self,
- GIOCondition direction,
- gint64 timeout, /* FIXME:
remove timeout? */
- GCancellable *cancellable);
- GTlsConnectionBaseStatus (*pop_io) (GTlsOperationsThreadBase *self,
- GIOCondition direction,
- gboolean success,
- GError *op_error,
- GError **error);
-
- GTlsConnectionBaseStatus (*handshake_fn) (GTlsOperationsThreadBase *self,
- HandshakeContext *context,
- GTlsCertificate *own_certificate,
- const gchar **advertised_protocols,
- GTlsAuthenticationMode auth_mode,
- gint64 timeout,
- gchar **negotiated_protocol,
- GList **accepted_cas,
- GTlsCertificate **peer_certificate,
- GCancellable *cancellable,
- GError **error);
-
- GTlsConnectionBaseStatus (*read_fn) (GTlsOperationsThreadBase *self,
- void *buffer,
- gsize size,
- gssize *nread,
- GCancellable *cancellable,
- GError **error);
- GTlsConnectionBaseStatus (*read_message_fn) (GTlsOperationsThreadBase *self,
- GInputVector *vectors,
- guint num_vectors,
- gssize *nread,
- GCancellable *cancellable,
- GError **error);
-
- GTlsConnectionBaseStatus (*write_fn) (GTlsOperationsThreadBase *self,
- const void *buffer,
- gsize size,
- gssize *nwrote,
- GCancellable *cancellable,
- GError **error);
- GTlsConnectionBaseStatus (*write_message_fn) (GTlsOperationsThreadBase *self,
- GOutputVector *vectors,
- guint num_vectors,
- gssize *nwrote,
- GCancellable *cancellable,
- GError **error);
-
- GTlsConnectionBaseStatus (*close_fn) (GTlsOperationsThreadBase *self,
- GCancellable *cancellable,
- GError **error);
+ GTlsCertificate *(*copy_certificate) (GTlsOperationsThreadBase *self,
+ GTlsCertificate *cert);
+
+ void (*copy_client_session_state) (GTlsOperationsThreadBase *self,
+ GTlsOperationsThreadBase *source);
+
+ void (*set_server_identity) (GTlsOperationsThreadBase *self,
+ const gchar *server_identity);
+
+ void (*push_io) (GTlsOperationsThreadBase *self,
+ GIOCondition direction,
+ gint64 timeout, /* FIXME: remove
timeout? */
+ GCancellable *cancellable);
+ GTlsOperationStatus (*pop_io) (GTlsOperationsThreadBase *self,
+ GIOCondition direction,
+ gboolean success,
+ GError *op_error,
+ GError **error);
+
+ GTlsOperationStatus (*handshake_fn) (GTlsOperationsThreadBase *self,
+ HandshakeContext *context,
+ GTlsCertificate *own_certificate,
+ const gchar **advertised_protocols,
+ GTlsAuthenticationMode auth_mode,
+ gint64 timeout,
+ gchar **negotiated_protocol,
+ GList **accepted_cas,
+ GTlsCertificate **peer_certificate,
+ GCancellable *cancellable,
+ GError **error);
+
+ GTlsOperationStatus (*read_fn) (GTlsOperationsThreadBase *self,
+ void *buffer,
+ gsize size,
+ gssize *nread,
+ GCancellable *cancellable,
+ GError **error);
+ GTlsOperationStatus (*read_message_fn) (GTlsOperationsThreadBase *self,
+ GInputVector *vectors,
+ guint num_vectors,
+ gssize *nread,
+ GCancellable *cancellable,
+ GError **error);
+
+ GTlsOperationStatus (*write_fn) (GTlsOperationsThreadBase *self,
+ const void *buffer,
+ gsize size,
+ gssize *nwrote,
+ GCancellable *cancellable,
+ GError **error);
+ GTlsOperationStatus (*write_message_fn) (GTlsOperationsThreadBase *self,
+ GOutputVector *vectors,
+ guint num_vectors,
+ gssize *nwrote,
+ GCancellable *cancellable,
+ GError **error);
+
+ GTlsOperationStatus (*close_fn) (GTlsOperationsThreadBase *self,
+ GCancellable *cancellable,
+ GError **error);
};
typedef gboolean (*GTlsVerifyCertificateFunc) (GTlsOperationsThreadBase *thread,
@@ -110,91 +118,91 @@ typedef void (*GTlsSessionResumedFunc) (GTlsOperationsThreadBase *thread,
gpointer user_data);
/* FIXME: remove!!! */
-GTlsConnectionBase *g_tls_operations_thread_base_get_connection (GTlsOperationsThreadBase
*self);
-
-void g_tls_operations_thread_base_set_interaction (GTlsOperationsThreadBase
*self,
- GTlsInteraction
*interaction);
-GTlsInteraction *g_tls_operations_thread_base_ref_interaction (GTlsOperationsThreadBase
*self);
-GError *g_tls_operations_thread_base_take_interaction_error (GTlsOperationsThreadBase
*self);
-
-gboolean g_tls_operations_thread_base_request_certificate (GTlsOperationsThreadBase
*self,
- GCancellable
*cancellable,
- GTlsCertificate
**own_certificate);
-
-void g_tls_operations_thread_base_set_is_missing_requested_client_certificate
- (GTlsOperationsThreadBase
*self);
-
-void g_tls_operations_thread_base_set_close_notify_required (GTlsOperationsThreadBase
*self,
- gboolean
required);
-gboolean g_tls_operations_thread_base_get_close_notify_required (GTlsOperationsThreadBase
*self);
-
-gboolean g_tls_operations_thread_base_verify_certificate (GTlsOperationsThreadBase
*self,
- GTlsCertificate
*peer_certificate,
- HandshakeContext
*context);
-
-void g_tls_operations_thread_base_copy_client_session_state (GTlsOperationsThreadBase
*self,
- GTlsOperationsThreadBase
*source);
-
-void g_tls_operations_thread_base_set_server_identity (GTlsOperationsThreadBase
*self,
- const gchar
*server_identity);
-
-void g_tls_operations_thread_base_push_io (GTlsOperationsThreadBase
*self,
- GIOCondition
direction,
- gint64
timeout, /* FIXME: remove timeout? */
- GCancellable
*cancellable);
-GTlsConnectionBaseStatus g_tls_operations_thread_base_pop_io (GTlsOperationsThreadBase
*self,
- GIOCondition
direction,
- gboolean
success,
- GError
*op_error,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_handshake (GTlsOperationsThreadBase
*self,
- GTlsCertificate
*own_certificate,
- const gchar
**advertised_protocols,
- GTlsAuthenticationMode
auth_mode,
- gint64
timeout,
- GTlsVerifyCertificateFunc
verify_callback,
- GTlsSessionResumedFunc
resumed_callback,
- gchar
**negotiated_protocol,
- GList
**accepted_cas,
- GCancellable
*cancellable,
- gpointer
user_data,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_read (GTlsOperationsThreadBase
*self,
- void
*buffer,
- gsize
size,
- gint64
timeout,
- gssize
*nread,
- GCancellable
*cancellable,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_read_message (GTlsOperationsThreadBase
*self,
- GInputVector
*vectors,
- guint
num_vectors,
- gint64
timeout,
- gssize
*nread,
- GCancellable
*cancellable,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_write (GTlsOperationsThreadBase
*self,
- const void
*buffer,
- gsize
size,
- gint64
timeout,
- gssize
*nwrote,
- GCancellable
*cancellable,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_write_message (GTlsOperationsThreadBase
*self,
- GOutputVector
*vectors,
- guint
num_vectors,
- gint64
timeout,
- gssize
*nwrote,
- GCancellable
*cancellable,
- GError
**error);
-
-GTlsConnectionBaseStatus g_tls_operations_thread_base_close (GTlsOperationsThreadBase
*self,
- GCancellable
*cancellable,
- GError
**error);
+GTlsConnectionBase *g_tls_operations_thread_base_get_connection (GTlsOperationsThreadBase
*self);
+
+void g_tls_operations_thread_base_set_interaction (GTlsOperationsThreadBase
*self,
+ GTlsInteraction
*interaction);
+GTlsInteraction *g_tls_operations_thread_base_ref_interaction (GTlsOperationsThreadBase
*self);
+GError *g_tls_operations_thread_base_take_interaction_error (GTlsOperationsThreadBase
*self);
+
+gboolean g_tls_operations_thread_base_request_certificate (GTlsOperationsThreadBase
*self,
+ GCancellable
*cancellable,
+ GTlsCertificate
**own_certificate);
+
+void g_tls_operations_thread_base_set_missing_requested_client_certificate
+ (GTlsOperationsThreadBase
*self);
+
+void g_tls_operations_thread_base_set_close_notify_required (GTlsOperationsThreadBase *self,
+ gboolean
required);
+gboolean g_tls_operations_thread_base_get_close_notify_required (GTlsOperationsThreadBase
*self);
+
+gboolean g_tls_operations_thread_base_verify_certificate (GTlsOperationsThreadBase *self,
+ GTlsCertificate
*peer_certificate,
+ HandshakeContext
*context);
+
+void g_tls_operations_thread_base_copy_client_session_state (GTlsOperationsThreadBase
*self,
+ GTlsOperationsThreadBase
*source);
+
+void g_tls_operations_thread_base_set_server_identity (GTlsOperationsThreadBase
*self,
+ const gchar
*server_identity);
+
+void g_tls_operations_thread_base_push_io (GTlsOperationsThreadBase
*self,
+ GIOCondition
direction,
+ gint64
timeout, /* FIXME: remove timeout? */
+ GCancellable
*cancellable);
+GTlsOperationStatus g_tls_operations_thread_base_pop_io (GTlsOperationsThreadBase
*self,
+ GIOCondition
direction,
+ gboolean
success,
+ GError
*op_error,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_handshake (GTlsOperationsThreadBase
*self,
+ GTlsCertificate
*own_certificate,
+ const gchar
**advertised_protocols,
+ GTlsAuthenticationMode
auth_mode,
+ gint64
timeout,
+ GTlsVerifyCertificateFunc
verify_callback,
+ GTlsSessionResumedFunc
resumed_callback,
+ gchar
**negotiated_protocol,
+ GList
**accepted_cas,
+ GCancellable
*cancellable,
+ gpointer
user_data,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_read (GTlsOperationsThreadBase
*self,
+ void
*buffer,
+ gsize
size,
+ gint64
timeout,
+ gssize
*nread,
+ GCancellable
*cancellable,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_read_message (GTlsOperationsThreadBase
*self,
+ GInputVector
*vectors,
+ guint
num_vectors,
+ gint64
timeout,
+ gssize
*nread,
+ GCancellable
*cancellable,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_write (GTlsOperationsThreadBase
*self,
+ const void
*buffer,
+ gsize
size,
+ gint64
timeout,
+ gssize
*nwrote,
+ GCancellable
*cancellable,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_write_message (GTlsOperationsThreadBase
*self,
+ GOutputVector
*vectors,
+ guint
num_vectors,
+ gint64
timeout,
+ gssize
*nwrote,
+ GCancellable
*cancellable,
+ GError
**error);
+
+GTlsOperationStatus g_tls_operations_thread_base_close (GTlsOperationsThreadBase
*self,
+ GCancellable
*cancellable,
+ GError
**error);
G_END_DECLS
diff --git a/tls/gnutls/gtlsoperationsthread-gnutls.c b/tls/gnutls/gtlsoperationsthread-gnutls.c
index 592c253..d623b9a 100644
--- a/tls/gnutls/gtlsoperationsthread-gnutls.c
+++ b/tls/gnutls/gtlsoperationsthread-gnutls.c
@@ -138,14 +138,14 @@ begin_gnutls_io (GTlsOperationsThreadGnutls *self,
direction, 0, cancellable);
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
end_gnutls_io (GTlsOperationsThreadGnutls *self,
GIOCondition direction,
int ret,
GError **error,
const char *err_prefix)
{
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
GError *my_error = NULL;
/* We intentionally do not check for GNUTLS_E_INTERRUPTED here
@@ -156,7 +156,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
*/
if (ret == GNUTLS_E_AGAIN ||
ret == GNUTLS_E_WARNING_ALERT_RECEIVED)
- return G_TLS_CONNECTION_BASE_TRY_AGAIN;
+ return G_TLS_OPERATION_TRY_AGAIN;
self->op_cancellable = NULL;
@@ -166,16 +166,16 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_steal_pointer (&self->op_error),
&my_error);
- if (status == G_TLS_CONNECTION_BASE_OK ||
- status == G_TLS_CONNECTION_BASE_WOULD_BLOCK ||
- status == G_TLS_CONNECTION_BASE_TIMED_OUT)
+ if (status == G_TLS_OPERATION_SUCCESS ||
+ status == G_TLS_OPERATION_WOULD_BLOCK ||
+ status == G_TLS_OPERATION_TIMED_OUT)
{
if (my_error)
g_propagate_error (error, my_error);
return status;
}
- g_assert (status == G_TLS_CONNECTION_BASE_ERROR);
+ g_assert (status == G_TLS_OPERATION_ERROR);
if (self->handshaking && !self->ever_handshaked)
{
@@ -185,7 +185,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), my_error->message);
g_clear_error (&my_error);
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (status == GNUTLS_E_UNEXPECTED_PACKET_LENGTH ||
@@ -195,12 +195,37 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), gnutls_strerror (ret));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
}
if (ret == GNUTLS_E_REHANDSHAKE)
- return G_TLS_CONNECTION_BASE_REHANDSHAKE;
+ {
+ if (is_client (self))
+ {
+ /* Ignore server's request for rehandshake, because we no longer
+ * support obsolete TLS rehandshakes.
+ *
+ * TODO: Send GNUTLS_A_NO_RENEGOTIATION here once we support alerts.
+ */
+ return G_TLS_OPERATION_SUCCESS;
+ }
+ else
+ {
+ /* Are you hitting this error? If so, we may need to restore support
+ * for obsolete TLS rehandshakes. Hopefully not, because not many
+ * applications use GTlsServerConnection, and presumably not many
+ * clients request rehandshakes.
+ *
+ * The server cannot simply ignore a rehandshake request like clients
+ * can, so this is fatal.
+ */
+ g_clear_error (&my_error);
+ g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
+ _("Client requested TLS rehandshake, which is no longer supported"));
+ return G_TLS_OPERATION_ERROR;
+ }
+ }
if (ret == GNUTLS_E_PREMATURE_TERMINATION)
{
@@ -209,7 +234,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), gnutls_strerror (ret));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (g_tls_operations_thread_base_get_close_notify_required (G_TLS_OPERATIONS_THREAD_BASE (self)))
@@ -217,10 +242,10 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_EOF,
_("TLS connection closed unexpectedly"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND || ret == GNUTLS_E_CERTIFICATE_REQUIRED)
@@ -228,7 +253,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_CERTIFICATE_REQUIRED,
_("TLS connection peer did not send a certificate"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (ret == GNUTLS_E_CERTIFICATE_ERROR)
@@ -236,7 +261,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (ret == GNUTLS_E_FATAL_ALERT_RECEIVED)
@@ -245,7 +270,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_MISC,
_("Peer sent fatal TLS alert: %s"),
gnutls_alert_get_name (gnutls_alert_get (self->session)));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (ret == GNUTLS_E_INAPPROPRIATE_FALLBACK)
@@ -254,7 +279,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_set_error_literal (error, G_TLS_ERROR,
G_TLS_ERROR_INAPPROPRIATE_FALLBACK,
_("Protocol version downgrade attack detected"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (ret == GNUTLS_E_LARGE_PACKET)
@@ -264,7 +289,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_set_error (error, G_IO_ERROR, G_IO_ERROR_MESSAGE_TOO_LARGE,
ngettext ("Message is too large for DTLS connection; maximum is %u byte",
"Message is too large for DTLS connection; maximum is %u bytes", mtu), mtu);
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (ret == GNUTLS_E_TIMEDOUT)
@@ -272,7 +297,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
g_clear_error (&my_error);
g_set_error_literal (error, G_IO_ERROR, G_IO_ERROR_TIMED_OUT,
_("The operation timed out"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (error && my_error)
@@ -284,7 +309,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
err_prefix, gnutls_strerror (ret));
}
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
/* FIXME: do not use GTlsConnectionBase at all. */
@@ -295,7 +320,7 @@ end_gnutls_io (GTlsOperationsThreadGnutls *self,
#define END_GNUTLS_IO(self, direction, ret, status, errmsg, err) \
status = end_gnutls_io (self, direction, ret, err, errmsg); \
- } while (status == G_TLS_CONNECTION_BASE_TRY_AGAIN);
+ } while (status == G_TLS_OPERATION_TRY_AGAIN);
static void
initialize_gnutls_priority (void)
@@ -583,7 +608,7 @@ get_peer_certificate (GTlsOperationsThreadGnutls *self)
return NULL;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_handshake (GTlsOperationsThreadBase *base,
HandshakeContext *context,
GTlsCertificate *own_certificate,
@@ -597,7 +622,7 @@ g_tls_operations_thread_gnutls_handshake (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gnutls_datum_t protocol;
int ret;
@@ -628,6 +653,7 @@ g_tls_operations_thread_gnutls_handshake (GTlsOperationsThreadBase *base,
{
guint8 buf[1024];
+ /* FIXME: no longer supports rehandshake, but what about reauth? */
/* Got app data while waiting for rehandshake; buffer it and try again */
ret = gnutls_record_recv (self->session, buf, sizeof (buf));
if (ret > -1)
@@ -646,7 +672,7 @@ g_tls_operations_thread_gnutls_handshake (GTlsOperationsThreadBase *base,
self->handshake_context = NULL;
self->handshaking = FALSE;
- if (status == G_TLS_CONNECTION_BASE_OK)
+ if (status == G_TLS_OPERATION_SUCCESS)
self->ever_handshaked = TRUE;
if (gnutls_alpn_get_selected_protocol (self->session, &protocol) == 0 && protocol.size > 0)
@@ -663,7 +689,7 @@ g_tls_operations_thread_gnutls_handshake (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_read (GTlsOperationsThreadBase *base,
void *buffer,
gsize size,
@@ -672,7 +698,7 @@ g_tls_operations_thread_gnutls_read (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
if (self->application_data_buffer)
@@ -683,7 +709,7 @@ g_tls_operations_thread_gnutls_read (GTlsOperationsThreadBase *base,
g_clear_pointer (&self->application_data_buffer, g_byte_array_unref);
else
g_byte_array_remove_range (self->application_data_buffer, 0, *nread);
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
BEGIN_GNUTLS_IO (self, G_IO_IN, cancellable);
@@ -719,7 +745,7 @@ input_vectors_from_gnutls_datum_t (GInputVector *vectors,
return total;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_read_message (GTlsOperationsThreadBase *base,
GInputVector *vectors,
guint num_vectors,
@@ -728,7 +754,7 @@ g_tls_operations_thread_gnutls_read_message (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
gnutls_packet_t packet = { 0, };
@@ -750,7 +776,7 @@ g_tls_operations_thread_gnutls_read_message (GTlsOperationsThreadBase *base,
g_clear_pointer (&self->application_data_buffer, g_byte_array_unref);
else
g_byte_array_remove_range (self->application_data_buffer, 0, count);
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
}
@@ -774,7 +800,7 @@ g_tls_operations_thread_gnutls_read_message (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_write (GTlsOperationsThreadBase *base,
const void *buffer,
gsize size,
@@ -783,7 +809,7 @@ g_tls_operations_thread_gnutls_write (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
BEGIN_GNUTLS_IO (self, G_IO_OUT, cancellable);
@@ -794,7 +820,7 @@ g_tls_operations_thread_gnutls_write (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_write_message (GTlsOperationsThreadBase *base,
GOutputVector *vectors,
guint num_vectors,
@@ -803,7 +829,7 @@ g_tls_operations_thread_gnutls_write_message (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
guint i;
gsize total_message_size;
@@ -829,7 +855,7 @@ g_tls_operations_thread_gnutls_write_message (GTlsOperationsThreadBase *base,
mtu);
g_free (message);
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
/* Queue up the data from all the vectors. */
@@ -857,13 +883,13 @@ g_tls_operations_thread_gnutls_write_message (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_gnutls_close (GTlsOperationsThreadBase *base,
GCancellable *cancellable,
GError **error)
{
GTlsOperationsThreadGnutls *self = G_TLS_OPERATIONS_THREAD_GNUTLS (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
int ret;
BEGIN_GNUTLS_IO (self, G_IO_IN | G_IO_OUT, cancellable);
@@ -1331,7 +1357,7 @@ retrieve_certificate_cb (gnutls_session_t session,
* be optional, e.g. if the server is using
* G_TLS_AUTHENTICATION_REQUESTED, not G_TLS_AUTHENTICATION_REQUIRED.
*/
- g_tls_operations_thread_base_set_is_missing_requested_client_certificate
(G_TLS_OPERATIONS_THREAD_BASE (self));
+ g_tls_operations_thread_base_set_missing_requested_client_certificate
(G_TLS_OPERATIONS_THREAD_BASE (self));
return 0;
}
}
@@ -1343,7 +1369,7 @@ retrieve_certificate_cb (gnutls_session_t session,
/* No private key. GnuTLS expects it to be non-null if pcert_length is
* nonzero, so we have to abort now.
*/
- g_tls_operations_thread_base_set_is_missing_requested_client_certificate
(G_TLS_OPERATIONS_THREAD_BASE (self));
+ g_tls_operations_thread_base_set_missing_requested_client_certificate
(G_TLS_OPERATIONS_THREAD_BASE (self));
return -1;
}
}
diff --git a/tls/openssl/gtlsconnection-openssl.c b/tls/openssl/gtlsconnection-openssl.c
index bb9f507..43c6f16 100644
--- a/tls/openssl/gtlsconnection-openssl.c
+++ b/tls/openssl/gtlsconnection-openssl.c
@@ -124,7 +124,7 @@ g_tls_connection_openssl_push_io (GTlsConnectionBase *tls,
}
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_connection_openssl_pop_io (GTlsConnectionBase *tls,
GIOCondition direction,
gboolean success,
diff --git a/tls/openssl/gtlsoperationsthread-openssl.c b/tls/openssl/gtlsoperationsthread-openssl.c
index 9a0a36c..e67bbee 100644
--- a/tls/openssl/gtlsoperationsthread-openssl.c
+++ b/tls/openssl/gtlsoperationsthread-openssl.c
@@ -48,7 +48,7 @@ G_DEFINE_TYPE_WITH_CODE (GTlsOperationsThreadOpenssl, g_tls_operations_thread_op
g_tls_operations_thread_openssl_initable_iface_init);
)
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
end_openssl_io (GTlsOperationsThreadOpenssl *self,
GIOCondition direction,
int ret,
@@ -59,7 +59,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
GTlsConnectionBase *tls;
int err_code, err, err_lib, reason;
GError *my_error = NULL;
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
tls = g_tls_operations_thread_base_get_connection (G_TLS_OPERATIONS_THREAD_BASE (self));
@@ -68,11 +68,11 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
status = g_tls_connection_base_pop_io (tls, direction, ret > 0, &my_error);
if (err_code == SSL_ERROR_ZERO_RETURN)
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
- if (status == G_TLS_CONNECTION_BASE_OK ||
- status == G_TLS_CONNECTION_BASE_WOULD_BLOCK ||
- status == G_TLS_CONNECTION_BASE_TIMED_OUT)
+ if (status == G_TLS_OPERATION_SUCCESS ||
+ status == G_TLS_OPERATION_WOULD_BLOCK ||
+ status == G_TLS_OPERATION_TIMED_OUT)
{
if (my_error)
g_propagate_error (error, my_error);
@@ -84,7 +84,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
((self->shutting_down && !my_error) || g_error_matches (my_error, G_IO_ERROR, G_IO_ERROR_BROKEN_PIPE)))
{
g_clear_error (&my_error);
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
err = ERR_get_error ();
@@ -104,7 +104,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_NOT_TLS,
_("Peer failed to perform TLS handshake: %s"), ERR_reason_error_string (err));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
}
@@ -116,7 +116,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
if (reason == SSL_R_SHUTDOWN_WHILE_IN_INIT)
{
g_clear_error (&my_error);
- return G_TLS_CONNECTION_BASE_OK;
+ return G_TLS_OPERATION_SUCCESS;
}
#endif
@@ -137,7 +137,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (reason == SSL_R_TLSV1_ALERT_UNKNOWN_CA)
@@ -145,7 +145,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
g_clear_error (&my_error);
g_set_error (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate authority"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (err_lib == ERR_LIB_RSA && reason == RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY)
@@ -153,7 +153,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
g_clear_error (&my_error);
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Digest too big for RSA key"));
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
if (my_error)
@@ -165,7 +165,7 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
if (error && !*error)
*error = g_error_new (G_TLS_ERROR, G_TLS_ERROR_MISC, "%s: %s", err_prefix, err_str);
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
#define BEGIN_OPENSSL_IO(self, direction, cancellable) \
@@ -177,16 +177,16 @@ end_openssl_io (GTlsOperationsThreadOpenssl *self,
#define END_OPENSSL_IO(self, direction, ret, status, errmsg, err) \
ERR_error_string_n (SSL_get_error (self->ssl, ret), error_str, sizeof (error_str)); \
status = end_openssl_io (self, direction, ret, err, errmsg, error_str); \
- } while (status == G_TLS_CONNECTION_BASE_TRY_AGAIN);
+ } while (status == G_TLS_OPERATION_TRY_AGAIN);
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_openssl_handshake (GTlsOperationsThreadBase *base,
gint64 timeout,
GCancellable *cancellable,
GError **error)
{
GTlsOperationsThreadOpenssl *self = G_TLS_OPERATIONS_THREAD_OPENSSL (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
int ret;
/* FIXME: doesn't respect timeout */
@@ -201,14 +201,14 @@ g_tls_operations_thread_openssl_handshake (GTlsOperationsThreadBase *base,
if (ret > 0)
{
if (!g_tls_connection_base_handshake_thread_verify_certificate (G_TLS_CONNECTION_BASE (openssl)))
- return G_TLS_CONNECTION_BASE_ERROR;
+ return G_TLS_OPERATION_ERROR;
}
#endif
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_openssl_read (GTlsOperationsThreadBase *base,
void *buffer,
gsize size,
@@ -217,7 +217,7 @@ g_tls_operations_thread_openssl_read (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadOpenssl *self = G_TLS_OPERATIONS_THREAD_OPENSSL (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
BEGIN_OPENSSL_IO (self, G_IO_OUT, cancellable);
@@ -230,7 +230,7 @@ g_tls_operations_thread_openssl_read (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_openssl_write (GTlsOperationsThreadBase *base,
const void *buffer,
gsize size,
@@ -239,7 +239,7 @@ g_tls_operations_thread_openssl_write (GTlsOperationsThreadBase *base,
GError **error)
{
GTlsOperationsThreadOpenssl *self = G_TLS_OPERATIONS_THREAD_OPENSSL (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
gssize ret;
BEGIN_OPENSSL_IO (self, G_IO_OUT, cancellable);
@@ -250,13 +250,13 @@ g_tls_operations_thread_openssl_write (GTlsOperationsThreadBase *base,
return status;
}
-static GTlsConnectionBaseStatus
+static GTlsOperationStatus
g_tls_operations_thread_openssl_close (GTlsOperationsThreadBase *base,
GCancellable *cancellable,
GError **error)
{
GTlsOperationsThreadOpenssl *self = G_TLS_OPERATIONS_THREAD_OPENSSL (base);
- GTlsConnectionBaseStatus status;
+ GTlsOperationStatus status;
int ret;
self->shutting_down = TRUE;
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
