Context Navigation

source: lib/ssl_gnutls.c @ 5bcf70a

Last change on this file since 5bcf70a was df1694b, checked in by Wilmer van der Gaast <wilmer@…>, at 2006-06-25T12:15:42Z
Moving all generic files to lib/ instead of having some in / and some in protocols/, and adding RC4 code.
Property mode set to `100644`
File size: 4.8 KB

Line
1	/********************************************************************\
2	* BitlBee -- An IRC to other IM-networks gateway *
3	* *
4	* Copyright 2002-2004 Wilmer van der Gaast and others *
5	\********************************************************************/
6
7	/* SSL module - GnuTLS version */
8
9	/*
10	This program is free software; you can redistribute it and/or modify
11	it under the terms of the GNU General Public License as published by
12	the Free Software Foundation; either version 2 of the License, or
13	(at your option) any later version.
14
15	This program is distributed in the hope that it will be useful,
16	but WITHOUT ANY WARRANTY; without even the implied warranty of
17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18	GNU General Public License for more details.
19
20	You should have received a copy of the GNU General Public License with
21	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
22	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
23	Suite 330, Boston, MA 02111-1307 USA
24	*/
25
26	#include <gnutls/gnutls.h>
27	#include <fcntl.h>
28	#include <unistd.h>
29	#include "proxy.h"
30	#include "ssl_client.h"
31	#include "sock.h"
32	#include "stdlib.h"
33
34	int ssl_errno = 0;
35
36	static gboolean initialized = FALSE;
37
38	struct scd
39	{
40	ssl_input_function func;
41	gpointer data;
42	int fd;
43	gboolean established;
44	int inpa;
45
46	gnutls_session session;
47	gnutls_certificate_credentials xcred;
48	};
49
50	static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond );
51
52
53	void ssl_connect( char host, int port, ssl_input_function func, gpointer data )
54	{
55	struct scd *conn = g_new0( struct scd, 1 );
56
57	conn->fd = proxy_connect( host, port, ssl_connected, conn );
58	conn->func = func;
59	conn->data = data;
60	conn->inpa = -1;
61
62	if( conn->fd < 0 )
63	{
64	g_free( conn );
65	return( NULL );
66	}
67
68	if( !initialized )
69	{
70	gnutls_global_init();
71	initialized = TRUE;
72	atexit( gnutls_global_deinit );
73	}
74
75	gnutls_certificate_allocate_credentials( &conn->xcred );
76	gnutls_init( &conn->session, GNUTLS_CLIENT );
77	gnutls_set_default_priority( conn->session );
78	gnutls_credentials_set( conn->session, GNUTLS_CRD_CERTIFICATE, conn->xcred );
79
80	return( conn );
81	}
82
83	static gboolean ssl_handshake( gpointer data, gint source, b_input_condition cond );
84
85	static gboolean ssl_connected( gpointer data, gint source, b_input_condition cond )
86	{
87	struct scd *conn = data;
88
89	if( source == -1 )
90	{
91	conn->func( conn->data, NULL, cond );
92
93	gnutls_deinit( conn->session );
94	gnutls_certificate_free_credentials( conn->xcred );
95
96	g_free( conn );
97
98	return FALSE;
99	}
100
101	sock_make_nonblocking( conn->fd );
102	gnutls_transport_set_ptr( conn->session, (gnutls_transport_ptr) conn->fd );
103
104	return ssl_handshake( data, source, cond );
105	}
106
107	static gboolean ssl_handshake( gpointer data, gint source, b_input_condition cond )
108	{
109	struct scd *conn = data;
110	int st;
111
112	if( ( st = gnutls_handshake( conn->session ) ) < 0 )
113	{
114	if( st == GNUTLS_E_AGAIN \|\| st == GNUTLS_E_INTERRUPTED )
115	{
116	conn->inpa = b_input_add( conn->fd, ssl_getdirection( conn ),
117	ssl_handshake, data );
118	}
119	else
120	{
121	conn->func( conn->data, NULL, cond );
122
123	gnutls_deinit( conn->session );
124	gnutls_certificate_free_credentials( conn->xcred );
125	closesocket( conn->fd );
126
127	g_free( conn );
128	}
129	}
130	else
131	{
132	/* For now we can't handle non-blocking perfectly everywhere... */
133	sock_make_blocking( conn->fd );
134
135	conn->established = TRUE;
136	conn->func( conn->data, conn, cond );
137	}
138
139	return FALSE;
140	}
141
142	int ssl_read( void conn, char buf, int len )
143	{
144	int st;
145
146	if( !((struct scd*)conn)->established )
147	{
148	ssl_errno = SSL_NOHANDSHAKE;
149	return( -1 );
150	}
151
152	st = gnutls_record_recv( ((struct scd*)conn)->session, buf, len );
153
154	ssl_errno = SSL_OK;
155	if( st == GNUTLS_E_AGAIN \|\| st == GNUTLS_E_INTERRUPTED )
156	ssl_errno = SSL_AGAIN;
157
158	return st;
159	}
160
161	int ssl_write( void conn, const char buf, int len )
162	{
163	int st;
164
165	if( !((struct scd*)conn)->established )
166	{
167	ssl_errno = SSL_NOHANDSHAKE;
168	return( -1 );
169	}
170
171	st = gnutls_record_send( ((struct scd*)conn)->session, buf, len );
172
173	ssl_errno = SSL_OK;
174	if( st == GNUTLS_E_AGAIN \|\| st == GNUTLS_E_INTERRUPTED )
175	ssl_errno = SSL_AGAIN;
176
177	return st;
178	}
179
180	void ssl_disconnect( void *conn_ )
181	{
182	struct scd *conn = conn_;
183
184	if( conn->inpa != -1 )
185	b_event_remove( conn->inpa );
186
187	if( conn->established )
188	gnutls_bye( conn->session, GNUTLS_SHUT_WR );
189
190	closesocket( conn->fd );
191
192	gnutls_deinit( conn->session );
193	gnutls_certificate_free_credentials( conn->xcred );
194	g_free( conn );
195	}
196
197	int ssl_getfd( void *conn )
198	{
199	return( ((struct scd*)conn)->fd );
200	}
201
202	b_input_condition ssl_getdirection( void *conn )
203	{
204	return( gnutls_record_get_direction( ((struct scd*)conn)->session ) ?
205	GAIM_INPUT_WRITE : GAIM_INPUT_READ );
206	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: