[glib-networking] Add TLS channel binding interface call to GTlsConnectionBase class
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] Add TLS channel binding interface call to GTlsConnectionBase class
- Date: Tue, 1 Sep 2020 16:08:46 +0000 (UTC)
commit 652771c9503f83722e53aaf92a42fcdee5ce3463
Author: Ruslan N. Marchenko <me ruff mobi>
Date: Wed Jun 3 23:54:46 2020 +0200
Add TLS channel binding interface call to GTlsConnectionBase class
The base class mainly assigns the GTlsConnection and GDtlsConnection
vfuncs, checks whether the handshake is complete, and passes the data
to the low-level TLS backend implementation via its own vfunc
tls/base/gtlsconnection-base.c | 37 +++++++++++++++++++++++++++++++++++++
tls/base/gtlsconnection-base.h | 5 +++++
2 files changed, 42 insertions(+)
---
diff --git a/tls/base/gtlsconnection-base.c b/tls/base/gtlsconnection-base.c
index 97ac24f..0bbc6b5 100644
--- a/tls/base/gtlsconnection-base.c
+++ b/tls/base/gtlsconnection-base.c
@@ -1406,6 +1406,41 @@ g_tls_connection_base_handshake_thread_verify_certificate (GTlsConnectionBase *t
return accepted;
}
+static gboolean
+g_tls_connection_base_get_binding_data (GTlsConnection *conn,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error)
+{
+ GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (conn);
+ GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
+ GTlsConnectionBaseClass *tls_class = G_TLS_CONNECTION_BASE_GET_CLASS (tls);
+
+ g_assert (tls_class->get_channel_binding_data);
+
+ if (!priv->ever_handshaked || priv->need_handshake)
+ {
+ g_set_error (error, G_TLS_CHANNEL_BINDING_ERROR,
+ G_TLS_CHANNEL_BINDING_ERROR_INVALID_STATE,
+ _("Handshake is not finished, no channel binding information yet"));
+ return FALSE;
+ }
+
+ return tls_class->get_channel_binding_data (tls, type, data, error);
+}
+
+static gboolean
+g_tls_connection_base_dtls_get_binding_data (GDtlsConnection *conn,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error)
+{
+ GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (conn);
+
+ return g_tls_connection_base_get_binding_data ((GTlsConnection *)tls,
+ type, data, error);
+}
+
static void
handshake_thread (GTask *task,
gpointer object,
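Review bot: The `g_assert (tls_class->get_channel_binding_data)` at the top of g_tls_connection_base_get_binding_data turns a backend that has not filled in the new vfunc into a process abort, and no backend assignment is visible in this commit. If assertions are compiled out (G_DISABLE_ASSERT), the same case would presumably reach the final call through a NULL function pointer. Setting G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED on `error` and returning FALSE keeps the failure visible to the caller, which can then decide how to proceed. Separately, the state guard reads `priv->ever_handshaked` and `priv->need_handshake` with no lock visible in the hunk. Whether a rehandshake in progress is excluded depends on code outside the hunk and is worth confirming, since binding data taken mid-handshake would not match what the peer computes.

```c
  GTlsConnectionBaseClass *tls_class = G_TLS_CONNECTION_BASE_GET_CLASS (tls);

  if (!tls_class->get_channel_binding_data)
    {
      g_set_error_literal (error, G_TLS_CHANNEL_BINDING_ERROR,
                           G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED,
                           _("TLS backend does not implement channel binding retrieval"));
      return FALSE;
    }

  /* … unchanged: handshake-state check and call into the backend vfunc … */
```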
@@ -2679,6 +2714,7 @@ g_tls_connection_base_class_init (GTlsConnectionBaseClass *klass)
connection_class->handshake = g_tls_connection_base_handshake;
connection_class->handshake_async = g_tls_connection_base_handshake_async;
connection_class->handshake_finish = g_tls_connection_base_handshake_finish;
+ connection_class->get_binding_data = g_tls_connection_base_get_binding_data;
iostream_class->get_input_stream = g_tls_connection_base_get_input_stream;
iostream_class->get_output_stream = g_tls_connection_base_get_output_stream;
@@ -2715,6 +2751,7 @@ g_tls_connection_base_dtls_connection_iface_init (GDtlsConnectionInterface *ifac
iface->shutdown_finish = g_tls_connection_base_dtls_shutdown_finish;
iface->set_advertised_protocols = g_tls_connection_base_dtls_set_advertised_protocols;
iface->get_negotiated_protocol = g_tls_connection_base_dtls_get_negotiated_protocol;
+ iface->get_binding_data = g_tls_connection_base_dtls_get_binding_data;
}
static void
diff --git a/tls/base/gtlsconnection-base.h b/tls/base/gtlsconnection-base.h
index 45c14e5..7312683 100644
--- a/tls/base/gtlsconnection-base.h
+++ b/tls/base/gtlsconnection-base.h
@@ -79,6 +79,11 @@ struct _GTlsConnectionBaseClass
gboolean (*is_session_resumed) (GTlsConnectionBase *tls);
+ gboolean (*get_channel_binding_data) (GTlsConnectionBase *tls,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error);
+
void (*push_io) (GTlsConnectionBase *tls,
GIOCondition direction,
gint64 timeout,
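Review bot: The new `get_channel_binding_data` member of GTlsConnectionBaseClass has no comment stating its contract, which backend implementers need in order to get the security-relevant cases right. I would add above it something like `/* Called only after a completed handshake; @data may be NULL when the caller only checks availability; return FALSE with @error set on failure. */`. The first clause follows from the guard in g_tls_connection_base_get_binding_data. The NULL case is inferred from the public GLib API rather than from this patch, so confirm it before committing the wording. The struct definition starts and ends outside the hunk.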