2003-07-12 Mikael Hallendal <micke@imendio.com>
* configure.in:
- Added SSL support, patch from Bartosz Zapalowski. THIS GUY ROCKS!
* docs/reference/loudmouth-sections.txt:
- added lm_connection_supports_ssl.
* loudmouth/lm-connection.c: Added support for SSL.
* loudmouth/test-lm.c: (main): Use SSL if it's compiled in.
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/.cvsignore Fri Jul 11 23:56:22 2003 +0000
@@ -0,0 +1,13 @@
+Makefile
+Makefile.in
+aclocal.m4
+autom4te*
+config.h*
+config.log
+config.status
+configure
+libtool
+*.tar.gz
+loudmouth.spec
+stamp-h1
+loudmouth-1.0.pc
--- a/ChangeLog Mon Jul 07 16:33:53 2003 +0000
+++ b/ChangeLog Fri Jul 11 23:56:22 2003 +0000
@@ -1,3 +1,12 @@
+2003-07-12 Mikael Hallendal <micke@imendio.com>
+
+ * configure.in:
+ - Added SSL support, patch from Bartosz Zapalowski. THIS GUY ROCKS!
+ * docs/reference/loudmouth-sections.txt:
+ - added lm_connection_supports_ssl.
+ * loudmouth/lm-connection.c: Added support for SSL.
+ * loudmouth/test-lm.c: (main): Use SSL if it's compiled in.
+
2003-07-07 Mikael Hallendal <micke@imendio.com>
* Release 0.10.1
--- a/configure.in Mon Jul 07 16:33:53 2003 +0000
+++ b/configure.in Fri Jul 11 23:56:22 2003 +0000
@@ -88,6 +88,30 @@
AC_CHECK_LIB(nsl,gethostbyname)
AC_CHECK_LIB(socket,socket)
+dnl +--------------------------------------------------------+
+dnl | Checking for SSL (through GnuTLS) support |
+dnl +--------------------------------------------------------+
+AC_MSG_CHECKING([for GnuTLS support])
+
+AC_ARG_WITH(ssl, [ --without-ssl disable ssl support],
+ ac_ssl=$withval,
+ ac_ssl=yes
+ )
+
+if test x$ac_ssl != xno; then
+ GNUTLS_CFLAGS=`libgnutls-config --cflags`
+ if test "x$GNUTLS_CFLAGS" = "x"; then
+ AC_MSG_RESULT(no)
+ else
+ AC_MSG_RESULT(yes)
+ GNUTLS_LDFLAGS=`libgnutls-config --libs`
+ CFLAGS="$CFLAGS $GNUTLS_CFLAGS"
+ LDFLAGS="$LDFLAGS $GNUTLS_LDFLAGS"
+ AC_DEFINE(HAVE_GNUTLS, 1, [whether to use GnuTSL support.])
+ fi
+else
+ AC_MSG_RESULT(no)
+fi
dnl +-------------+
dnl | Build Flags |--------------------------------------------
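Review bot: When `libgnutls-config` is missing or prints nothing, the `if test "x$GNUTLS_CFLAGS" = "x"` branch only reports `no`, so a build that asked for `--with-ssl` silently comes out without TLS and `lm_connection_supports_ssl()` then returns FALSE. Distinguish the default from an explicit request, for example default to `ac_ssl=auto` and in the empty-CFLAGS branch add `if test "x$ac_ssl" = "xyes"; then AC_MSG_ERROR([GnuTLS requested but libgnutls-config not found]); fi`. The output of `libgnutls-config --libs` is appended to `LDFLAGS`, where `LIBS` is the usual place for `-l` options, and `test x$ac_ssl` should be quoted like the test two lines below it. The `AC_DEFINE` description also misspells the library as "GnuTSL".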
@@ -115,6 +139,8 @@
echo "Debugging enabled"
fi
+
+
AC_SUBST(LOUDMOUTH_CFLAGS)
AC_SUBST(LOUDMOUTH_LIBS)
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/.cvsignore Fri Jul 11 23:56:22 2003 +0000
@@ -0,0 +1,2 @@
+Makefile
+Makefile.in
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/docs/reference/.cvsignore Fri Jul 11 23:56:22 2003 +0000
@@ -0,0 +1,14 @@
+Makefile
+Makefile.in
+*.stamp
+html
+loudmouth-decl-list.txt
+loudmouth-decl.txt
+loudmouth-undocumented.txt
+loudmouth-unused.txt
+loudmouth.args
+loudmouth.hierarchy
+loudmouth.interfaces
+loudmouth.prerequisites
+loudmouth.signals
+xml
--- a/docs/reference/loudmouth-sections.txt Mon Jul 07 16:33:53 2003 +0000
+++ b/docs/reference/loudmouth-sections.txt Fri Jul 11 23:56:22 2003 +0000
@@ -21,6 +21,7 @@
lm_connection_set_server
lm_connection_get_port
lm_connection_set_port
+lm_connection_supports_ssl
lm_connection_get_use_ssl
lm_connection_set_use_ssl
lm_connection_send
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/loudmouth/.cvsignore Fri Jul 11 23:56:22 2003 +0000
@@ -0,0 +1,3 @@
+Makefile
+Makefile.in
+test-lm
--- a/loudmouth/lm-connection.c Mon Jul 07 16:33:53 2003 +0000
+++ b/loudmouth/lm-connection.c Fri Jul 11 23:56:22 2003 +0000
@@ -21,6 +21,10 @@
#include <config.h>
+#ifdef HAVE_GNUTLS
+#include <gnutls/gnutls.h>
+#endif
+
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
@@ -54,10 +58,15 @@
struct _LmConnection {
/* Parameters */
- gchar *server;
- guint port;
- gboolean use_ssl;
+ gchar *server;
+ guint port;
+ gboolean use_ssl;
+#ifdef HAVE_GNUTLS
+ gnutls_session gnutls_session;
+ gnutls_certificate_client_credentials gnutls_xcred;
+#endif
+
gboolean is_open;
gboolean is_authenticated;
@@ -226,20 +235,58 @@
haddr = ((struct in_addr *) (he->h_addr_list)[0]);
- fd = socket(AF_INET, SOCK_STREAM, 0);
- memset(&saddr, 0, sizeof(saddr));
- memcpy(&saddr.sin_addr, haddr, sizeof(struct in_addr));
- saddr.sin_family = AF_INET;
- saddr.sin_port = htons (connection->port);
-
+#ifdef HAVE_GNUTLS
+ if (connection->use_ssl) {
+ gnutls_global_init ();
+ gnutls_certificate_allocate_credentials(&connection->gnutls_xcred);
+ }
+#endif
+
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ memset(&saddr, 0, sizeof(saddr));
+ memcpy(&saddr.sin_addr, haddr, sizeof(struct in_addr));
+ saddr.sin_family = AF_INET;
+ saddr.sin_port = htons (connection->port);
+
if (connect(fd, (struct sockaddr *)&saddr, sizeof(saddr)) < 0) {
- g_set_error (error,
+ g_set_error (error,
LM_ERROR,
LM_ERROR_CONNECTION_OPEN,
"connect() failed");
close (fd);
return FALSE;
}
+
+#ifdef HAVE_GNUTLS
+ if (connection->use_ssl) {
+ int ret;
+ const int cert_type_priority[2] =
+ { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP };
+
+ gnutls_init (&connection->gnutls_session, GNUTLS_CLIENT);
+ gnutls_set_default_priority (connection->gnutls_session);
+ gnutls_certificate_type_set_priority (connection->gnutls_session,
+ cert_type_priority);
+ gnutls_credentials_set (connection->gnutls_session,
+ GNUTLS_CRD_CERTIFICATE,
+ connection->gnutls_xcred);
+
+ gnutls_transport_set_ptr (connection->gnutls_session,
+ (gnutls_transport_ptr) fd);
+
+ ret = gnutls_handshake (connection->gnutls_session);
+
+ if (ret < 0) {
+ gnutls_perror (ret);
+ shutdown (fd, SHUT_RDWR);
+ close (fd);
+ connection_do_close (connection);
+ g_set_error (error, LM_ERROR, LM_ERROR_CONNECTION_OPEN,
+ "*** GNUTLS handshake failed");
+ return FALSE;
+ }
+ }
+#endif
connection->io_channel = g_io_channel_unix_new (fd);
g_io_channel_set_close_on_unref (connection->io_channel, TRUE);
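Review bot: Nothing in this hunk authenticates the server: the credentials from `gnutls_certificate_allocate_credentials` never receive a trust store and no peer verification follows `gnutls_handshake`, so any certificate is accepted and the session does not protect against an active man-in-the-middle. Load trusted CAs into `gnutls_xcred` and verify the peer after the handshake, treating a non-zero status as a failed open; the certificate name should also be matched against `connection->server`, which the sketch below leaves out, and the exact verification call depends on the GnuTLS release in use. Separately, the credentials allocated before `connect()` are not released on the `connect() failed` return, and the results of `gnutls_global_init` and `gnutls_init` are ignored. The enclosing function starts and ends outside the hunk.

```c
	if (connection->use_ssl) {
		gnutls_global_init ();
		gnutls_certificate_allocate_credentials (&connection->gnutls_xcred);
		/* CA_BUNDLE_PATH is a placeholder; the page defines no trust-store path */
		gnutls_certificate_set_x509_trust_file (connection->gnutls_xcred,
							CA_BUNDLE_PATH,
							GNUTLS_X509_FMT_PEM);
	}
	/* … unchanged: socket(), connect(), session setup … */
		ret = gnutls_handshake (connection->gnutls_session);

		if (ret >= 0) {
			unsigned int status = 0;

			ret = gnutls_certificate_verify_peers2 (connection->gnutls_session,
								&status);
			if (ret >= 0 && status != 0) {
				/* untrusted, expired or revoked certificate */
				ret = GNUTLS_E_CERTIFICATE_ERROR;
			}
		}
	/* … unchanged: if (ret < 0) error path … */
```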
@@ -281,6 +328,14 @@
connection->io_channel = NULL;
connection->is_open = FALSE;
+
+#ifdef HAVE_GNUTLS
+ if (connection->use_ssl) {
+ gnutls_deinit (connection->gnutls_session);
+ gnutls_certificate_free_credentials (connection->gnutls_xcred);
+ gnutls_global_deinit ();
+ }
+#endif
}
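Review bot: The teardown is keyed on `connection->use_ssl` rather than on whether a session was actually created, so if the flag is changed with `lm_connection_set_use_ssl` while a connection is open, or this close path runs twice, `gnutls_deinit` and `gnutls_certificate_free_credentials` receive uninitialised or already freed handles; whether callers allow that is not visible in the hunk. Tracking the TLS state separately (a flag set after `gnutls_init` succeeds and cleared here) would make the block safe to re-enter. No `gnutls_bye (connection->gnutls_session, GNUTLS_SHUT_RDWR);` is sent, so the peer cannot tell an orderly close from a truncated stream; it would have to go before the channel is released, which happens above the hunk. Calling `gnutls_global_deinit ()` per connection also tears down library state that other open connections in the same process may still be using.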
@@ -295,10 +350,25 @@
if (!connection->io_channel) {
return FALSE;
}
- g_io_channel_read_chars (connection->io_channel,
- buf, IN_BUFFER_SIZE - 1,
- &bytes_read,
- NULL);
+#ifdef HAVE_GNUTLS
+ if (connection->use_ssl) {
+ bytes_read = gnutls_record_recv (connection->gnutls_session,
+ buf,IN_BUFFER_SIZE - 1);
+ if (bytes_read <= 0) {
+ connection_error_event (connection->io_channel,
+ G_IO_HUP,
+ connection);
+ }
+ } else {
+#endif
+ g_io_channel_read_chars (connection->io_channel,
+ buf, IN_BUFFER_SIZE - 1,
+ &bytes_read,
+ NULL);
+#ifdef HAVE_GNUTLS
+ }
+#endif
+
buf[bytes_read] = '\0';
g_log (LM_LOG_DOMAIN, LM_LOG_LEVEL_NET, "\nRECV:\n");
g_log (LM_LOG_DOMAIN, LM_LOG_LEVEL_NET,
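Review bot: After `gnutls_record_recv` fails, the TLS branch calls `connection_error_event` but does not return, so execution reaches `buf[bytes_read] = '\0'` with an error code as the index, which is an out-of-bounds write. `bytes_read` is declared outside the hunk; if it is the unsigned `gsize` that `g_io_channel_read_chars` expects, the `<= 0` test also misses negative GnuTLS codes entirely. Read into a signed local and bail out, e.g. `gssize n = gnutls_record_recv (...);` then `if (n <= 0) { connection_error_event (...); return FALSE; }` and `bytes_read = n;`. `GNUTLS_E_AGAIN` and `GNUTLS_E_INTERRUPTED` are currently treated as a hang-up as well, unlike in the send path.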
@@ -365,8 +435,23 @@
g_log (LM_LOG_DOMAIN, LM_LOG_LEVEL_NET,
"-----------------------------------\n");
- g_io_channel_write_chars (connection->io_channel, str, len,
- &bytes_written, NULL);
+#ifdef HAVE_GNUTLS
+ if (connection->use_ssl) {
+ while ((bytes_written = gnutls_record_send (connection->gnutls_session, str, len)) < 0)
+ if (bytes_written != GNUTLS_E_INTERRUPTED &&
+ bytes_written != GNUTLS_E_AGAIN)
+ {
+ connection_error_event (connection->io_channel, G_IO_HUP,
+ connection);
+ }
+
+ } else {
+#endif
+ g_io_channel_write_chars (connection->io_channel, str, len,
+ &bytes_written, NULL);
+#ifdef HAVE_GNUTLS
+ }
+#endif
return TRUE;
}
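Review bot: The retry loop around `gnutls_record_send` has no exit on a fatal error: the inner `if` calls `connection_error_event` and the `while` then calls `gnutls_record_send` again, on a session that the error handler has presumably already torn down. Add `return FALSE;` after the `connection_error_event` call so only `GNUTLS_E_INTERRUPTED` and `GNUTLS_E_AGAIN` are retried. `bytes_written` is declared outside the hunk; if it is an unsigned `gsize`, the `< 0` comparison is never true and every error is silently dropped, so a signed local such as `gssize` is needed here too. A short write (a positive return smaller than `len`) is also not handled, and the function still returns TRUE in that case.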
@@ -992,6 +1077,23 @@
}
/**
+ * lm_connection_supports_ssl:
+ *
+ * Checks whether Loudmouth supports SSL or not
+ *
+ * Return value: #TRUE if this installation of Loudmouth supports SSL, otherwise returnes #FALSE.
+ **/
+gboolean
+lm_connection_supports_ssl (void)
+{
+#ifdef HAVE_GNUTLS
+ return TRUE;
+#else
+ return FALSE;
+#endif
+}
+
+/**
* lm_connection_get_use_ssl:
* @connection: an #LmConnection
*
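Review bot: The doc comment for `lm_connection_supports_ssl` has a typo ("returnes") and does not say that the result reflects a compile-time decision (`HAVE_GNUTLS`). I would word the return line as `Return value: #TRUE if Loudmouth was built with SSL (GnuTLS) support, otherwise #FALSE.` so callers know a FALSE result means their connection will be unencrypted rather than that the server lacks SSL.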
--- a/loudmouth/lm-connection.h Mon Jul 07 16:33:53 2003 +0000
+++ b/loudmouth/lm-connection.h Fri Jul 11 23:56:22 2003 +0000
@@ -100,6 +100,7 @@
guint lm_connection_get_port (LmConnection *connection);
void lm_connection_set_port (LmConnection *connection,
guint port);
+gboolean lm_connection_supports_ssl (void);
gboolean lm_connection_get_use_ssl (LmConnection *connection);
void lm_connection_set_use_ssl (LmConnection *connection,
gboolean use_ssl);
@@ -136,5 +137,4 @@
LmConnection* lm_connection_ref (LmConnection *connection);
void lm_connection_unref (LmConnection *connection);
-
#endif /* __LM_CONNECTION_H__ */
--- a/loudmouth/test-lm.c Mon Jul 07 16:33:53 2003 +0000
+++ b/loudmouth/test-lm.c Fri Jul 11 23:56:22 2003 +0000
@@ -123,6 +123,11 @@
connection = lm_connection_new (argv[1]);
+ if (lm_connection_supports_ssl ()) {
+ lm_connection_set_port (connection, 5223);
+ lm_connection_set_use_ssl (connection, TRUE);
+ }
+
handler = lm_message_handler_new (handle_messages, NULL, NULL);
lm_connection_register_message_handler (connection, handler,
LM_MESSAGE_TYPE_MESSAGE,