[glib-networking] Add TLS channel binding interface call to GTlsConnectionBase class
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] Add TLS channel binding interface call to GTlsConnectionBase class
- Date: Thu, 17 Sep 2020 17:07:12 +0000 (UTC)
commit fed81fd1d2968e29683d4024a9aa3f9de0f0f5f7
Author: Ruslan N. Marchenko <me ruff mobi>
Date: Wed Sep 2 22:43:12 2020 +0200
Add TLS channel binding interface call to GTlsConnectionBase class
The base class mainly assigns the GTlsConnection and GDtlsConnection
vfuncs, checks whether the handshake is complete, and passes the data
to the low-level TLS backend implementation via its own vfunc
tls/base/gtlsconnection-base.c | 37 +++++++++++++++++++++++++++++++++++++
tls/base/gtlsconnection-base.h | 5 +++++
2 files changed, 42 insertions(+)
---
diff --git a/tls/base/gtlsconnection-base.c b/tls/base/gtlsconnection-base.c
index 97ac24fa..0bbc6b5a 100644
--- a/tls/base/gtlsconnection-base.c
+++ b/tls/base/gtlsconnection-base.c
@@ -1406,6 +1406,41 @@ g_tls_connection_base_handshake_thread_verify_certificate (GTlsConnectionBase *t
return accepted;
}
+static gboolean
+g_tls_connection_base_get_binding_data (GTlsConnection *conn,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error)
+{
+ GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (conn);
+ GTlsConnectionBasePrivate *priv = g_tls_connection_base_get_instance_private (tls);
+ GTlsConnectionBaseClass *tls_class = G_TLS_CONNECTION_BASE_GET_CLASS (tls);
+
+ g_assert (tls_class->get_channel_binding_data);
+
+ if (!priv->ever_handshaked || priv->need_handshake)
+ {
+ g_set_error (error, G_TLS_CHANNEL_BINDING_ERROR,
+ G_TLS_CHANNEL_BINDING_ERROR_INVALID_STATE,
+ _("Handshake is not finished, no channel binding information yet"));
+ return FALSE;
+ }
+
+ return tls_class->get_channel_binding_data (tls, type, data, error);
+}
+
+static gboolean
+g_tls_connection_base_dtls_get_binding_data (GDtlsConnection *conn,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error)
+{
+ GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (conn);
+
+ return g_tls_connection_base_get_binding_data ((GTlsConnection *)tls,
+ type, data, error);
+}
+
static void
handshake_thread (GTask *task,
gpointer object,
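Review bot: `g_assert (tls_class->get_channel_binding_data);` in g_tls_connection_base_get_binding_data aborts the whole process when a backend subclass leaves the vfunc unset, even though the function already has a GError path. Setting `G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED` instead would let a caller that requires channel binding fail the authentication cleanly. Separately, the handshake-state test reads `priv->ever_handshaked` and `priv->need_handshake` with no lock visible in this hunk. If a handshake can be running on another thread at that point, the returned binding may not describe the session the caller goes on to authenticate over, so a comment stating the threading expectation would help.

```c
  GTlsConnectionBaseClass *tls_class = G_TLS_CONNECTION_BASE_GET_CLASS (tls);

  if (!tls_class->get_channel_binding_data)
    {
      g_set_error_literal (error, G_TLS_CHANNEL_BINDING_ERROR,
                           G_TLS_CHANNEL_BINDING_ERROR_NOT_IMPLEMENTED,
                           _("TLS backend does not implement channel binding retrieval"));
      return FALSE;
    }

  /* … unchanged: handshake-state check and call into the backend vfunc … */
```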
@@ -2679,6 +2714,7 @@ g_tls_connection_base_class_init (GTlsConnectionBaseClass *klass)
connection_class->handshake = g_tls_connection_base_handshake;
connection_class->handshake_async = g_tls_connection_base_handshake_async;
connection_class->handshake_finish = g_tls_connection_base_handshake_finish;
+ connection_class->get_binding_data = g_tls_connection_base_get_binding_data;
iostream_class->get_input_stream = g_tls_connection_base_get_input_stream;
iostream_class->get_output_stream = g_tls_connection_base_get_output_stream;
@@ -2715,6 +2751,7 @@ g_tls_connection_base_dtls_connection_iface_init (GDtlsConnectionInterface *ifac
iface->shutdown_finish = g_tls_connection_base_dtls_shutdown_finish;
iface->set_advertised_protocols = g_tls_connection_base_dtls_set_advertised_protocols;
iface->get_negotiated_protocol = g_tls_connection_base_dtls_get_negotiated_protocol;
+ iface->get_binding_data = g_tls_connection_base_dtls_get_binding_data;
}
static void
diff --git a/tls/base/gtlsconnection-base.h b/tls/base/gtlsconnection-base.h
index 45c14e52..73126837 100644
--- a/tls/base/gtlsconnection-base.h
+++ b/tls/base/gtlsconnection-base.h
@@ -79,6 +79,11 @@ struct _GTlsConnectionBaseClass
gboolean (*is_session_resumed) (GTlsConnectionBase *tls);
+ gboolean (*get_channel_binding_data) (GTlsConnectionBase *tls,
+ GTlsChannelBindingType type,
+ GByteArray *data,
+ GError **error);
+
void (*push_io) (GTlsConnectionBase *tls,
GIOCondition direction,
gint64 timeout,
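Review bot: The new `get_channel_binding_data` slot in `struct _GTlsConnectionBaseClass` has no comment stating its contract, and backend authors need it to implement the slot safely. I would add a short comment above the member saying that the base class calls it only after a completed handshake, that it returns FALSE with `error` set on failure, and whether `data` may be NULL when the caller only probes for availability. The last point is an assumption taken from the public GTlsConnection API and should be confirmed. The struct definition starts and ends outside this hunk.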