← Back to branch summary

~ubuntu-branches/ubuntu/trusty/telepathy-idle/trusty

« back to all changes in this revision

Viewing changes to .pc/0001-Don-t-use-telepathy-glib-dbus.h-with-older-telepathy.patch/src/server-tls-channel.c

  • Committer: Package Import Robot
  • Author(s): Simon McVittie
  • Date: 2013-05-01 15:52:26 UTC
  • mfrom: (1.3.6)
  • Revision ID: package-import@ubuntu.com-20130501155226-ttpmql3jetet34iu
Tags: 0.1.16-1
http://bugs.debian.org/706270
* New upstream release
  - adds support for interactive TLS certificate verification
    (Closes: #706270)
* Add a patch to avoid use of a telepathy-glib 0.20 header, to make
  this easy to backport to wheezy

Show diffs side-by-side

added added

removed removed

Lines of Context:
.pc/0001-Don-t-use-telepathy-glib-dbus.h-with-older-telepathy.patch/src/server-tls-channel.c
 
1
/*
 
2
 * server-tls-channel.c - Source for IdleServerTLSChannel
 
3
 * Copyright (C) 2010 Collabora Ltd.
 
4
 * @author Cosimo Cecchi <cosimo.cecchi@collabora.co.uk>
 
5
 *
 
6
 * This library is free software; you can redistribute it and/or
 
7
 * modify it under the terms of the GNU Lesser General Public
 
8
 * License as published by the Free Software Foundation; either
 
9
 * version 2.1 of the License, or (at your option) any later version.
 
10
 *
 
11
 * This library is distributed in the hope that it will be useful,
 
12
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 
13
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 
14
 * Lesser General Public License for more details.
 
15
 *
 
16
 * You should have received a copy of the GNU Lesser General Public
 
17
 * License along with this library; if not, write to the Free Software
 
18
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 
19
 */
 
20
 
 
21
#include <config.h>
 
22
 
 
23
#include "server-tls-channel.h"
 
24
 
 
25
#include <gio/gio.h>
 
26
#include <telepathy-glib/telepathy-glib.h>
 
27
#include <telepathy-glib/telepathy-glib-dbus.h>
 
28
 
 
29
#define IDLE_DEBUG_FLAG IDLE_DEBUG_TLS
 
30
#include "idle-debug.h"
 
31
#include "tls-certificate.h"
 
32
 
 
33
G_DEFINE_TYPE_WITH_CODE (IdleServerTLSChannel, idle_server_tls_channel,
 
34
    TP_TYPE_BASE_CHANNEL,
 
35
    G_IMPLEMENT_INTERFACE (TP_TYPE_SVC_CHANNEL_TYPE_SERVER_TLS_CONNECTION,
 
36
        NULL));
 
37
 
 
38
static void idle_server_tls_channel_close (TpBaseChannel *base);
 
39
 
 
40
enum {
 
41
  /* server TLS channel iface */
 
42
  PROP_SERVER_CERTIFICATE = 1,
 
43
  PROP_HOSTNAME,
 
44
  PROP_REFERENCE_IDENTITIES,
 
45
 
 
46
  /* not exported */
 
47
  PROP_CERTIFICATE,
 
48
 
 
49
  NUM_PROPERTIES
 
50
};
 
51
 
 
52
struct _IdleServerTLSChannelPrivate {
 
53
  GTlsCertificate *certificate;
 
54
 
 
55
  IdleTLSCertificate *server_cert;
 
56
  gchar *server_cert_path;
 
57
  gchar *hostname;
 
58
  GStrv reference_identities;
 
59
 
 
60
  gboolean dispose_has_run;
 
61
};
 
62
 
 
63
static void
 
64
idle_server_tls_channel_get_property (GObject *object,
 
65
    guint property_id,
 
66
    GValue *value,
 
67
    GParamSpec *pspec)
 
68
{
 
69
  IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
 
70
 
 
71
  switch (property_id)
 
72
    {
 
73
    case PROP_SERVER_CERTIFICATE:
 
74
      g_value_set_boxed (value, self->priv->server_cert_path);
 
75
      break;
 
76
    case PROP_HOSTNAME:
 
77
      g_value_set_string (value, self->priv->hostname);
 
78
      break;
 
79
    case PROP_REFERENCE_IDENTITIES:
 
80
      g_value_set_boxed (value, self->priv->reference_identities);
 
81
      break;
 
82
    case PROP_CERTIFICATE:
 
83
      g_value_set_object (value, self->priv->certificate);
 
84
      break;
 
85
    default:
 
86
      G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
 
87
      break;
 
88
    }
 
89
}
 
90
 
 
91
static void
 
92
idle_server_tls_channel_set_property (GObject *object,
 
93
    guint property_id,
 
94
    const GValue *value,
 
95
    GParamSpec *pspec)
 
96
{
 
97
  IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
 
98
 
 
99
  switch (property_id)
 
100
    {
 
101
    case PROP_CERTIFICATE:
 
102
      self->priv->certificate = g_value_dup_object (value);
 
103
      break;
 
104
    case PROP_HOSTNAME:
 
105
      self->priv->hostname = g_value_dup_string (value);
 
106
      break;
 
107
    case PROP_REFERENCE_IDENTITIES:
 
108
      self->priv->reference_identities = g_value_dup_boxed (value);
 
109
      break;
 
110
    default:
 
111
      G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
 
112
      break;
 
113
    }
 
114
}
 
115
 
 
116
static void
 
117
idle_server_tls_channel_finalize (GObject *object)
 
118
{
 
119
  IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
 
120
 
 
121
  IDLE_DEBUG ("Finalize TLS channel");
 
122
 
 
123
  g_free (self->priv->server_cert_path);
 
124
  g_free (self->priv->hostname);
 
125
  g_strfreev (self->priv->reference_identities);
 
126
 
 
127
  G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->finalize (object);
 
128
}
 
129
 
 
130
static void
 
131
idle_server_tls_channel_dispose (GObject *object)
 
132
{
 
133
  IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
 
134
 
 
135
  if (self->priv->dispose_has_run)
 
136
    return;
 
137
 
 
138
  IDLE_DEBUG ("Dispose TLS channel");
 
139
 
 
140
  self->priv->dispose_has_run = TRUE;
 
141
 
 
142
  tp_clear_object (&self->priv->server_cert);
 
143
  tp_clear_object (&self->priv->certificate);
 
144
 
 
145
  G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->dispose (object);
 
146
}
 
147
 
 
148
static void
 
149
idle_server_tls_channel_constructed (GObject *object)
 
150
{
 
151
  IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
 
152
  TpBaseChannel *base = TP_BASE_CHANNEL (self);
 
153
  void (*chain_up) (GObject *) =
 
154
    G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->constructed;
 
155
  const gchar *path;
 
156
  gchar *cert_object_path;
 
157
  GPtrArray *certificates;
 
158
  GTlsCertificate *cert;
 
159
 
 
160
  if (chain_up != NULL)
 
161
    chain_up (object);
 
162
 
 
163
  tp_base_channel_register (base);
 
164
 
 
165
  /* create the TLS certificate object */
 
166
  path = tp_base_channel_get_object_path (base);
 
167
  cert_object_path = g_strdup_printf ("%s/TLSCertificateObject", path);
 
168
  certificates = g_ptr_array_new ();
 
169
 
 
170
  /* Setup the full chain */
 
171
  cert = self->priv->certificate;
 
172
  while (cert != NULL)
 
173
    {
 
174
      GByteArray *content;
 
175
      GArray *c;
 
176
 
 
177
      g_object_get (cert,
 
178
          "certificate", &content,
 
179
          NULL);
 
180
      c = g_array_sized_new (TRUE, TRUE, sizeof (guchar), content->len);
 
181
      g_array_append_vals (c, content->data, content->len);
 
182
      g_ptr_array_add (certificates, c);
 
183
 
 
184
      g_byte_array_unref (content);
 
185
 
 
186
      cert = g_tls_certificate_get_issuer (cert);
 
187
    }
 
188
 
 
189
  self->priv->server_cert = g_object_new (IDLE_TYPE_TLS_CERTIFICATE,
 
190
      "object-path", cert_object_path,
 
191
      "certificate-chain-data", certificates,
 
192
      "certificate-type", "x509",
 
193
      "dbus-daemon",
 
194
        tp_base_connection_get_dbus_daemon (
 
195
          tp_base_channel_get_connection (TP_BASE_CHANNEL (self))),
 
196
      NULL);
 
197
  self->priv->server_cert_path = cert_object_path;
 
198
  g_ptr_array_unref (certificates);
 
199
 
 
200
  IDLE_DEBUG ("Server TLS channel constructed at %s", path);
 
201
}
 
202
 
 
203
static void
 
204
idle_server_tls_channel_fill_immutable_properties (
 
205
    TpBaseChannel *chan,
 
206
    GHashTable *properties)
 
207
{
 
208
  TP_BASE_CHANNEL_CLASS (idle_server_tls_channel_parent_class)
 
209
      ->fill_immutable_properties (chan, properties);
 
210
 
 
211
  tp_dbus_properties_mixin_fill_properties_hash (
 
212
      G_OBJECT (chan), properties,
 
213
      TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "ServerCertificate",
 
214
      TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "Hostname",
 
215
      TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "ReferenceIdentities",
 
216
      NULL);
 
217
}
 
218
 
 
219
static gchar *
 
220
idle_server_tls_channel_get_object_path_suffix (TpBaseChannel *base)
 
221
{
 
222
  static guint count = 0;
 
223
 
 
224
  return g_strdup_printf ("ServerTLSChannel%u", ++count);
 
225
}
 
226
 
 
227
static void
 
228
idle_server_tls_channel_init (IdleServerTLSChannel *self)
 
229
{
 
230
  self->priv = G_TYPE_INSTANCE_GET_PRIVATE (self,
 
231
      IDLE_TYPE_SERVER_TLS_CHANNEL, IdleServerTLSChannelPrivate);
 
232
}
 
233
 
 
234
static void
 
235
idle_server_tls_channel_class_init (IdleServerTLSChannelClass *klass)
 
236
{
 
237
  static TpDBusPropertiesMixinPropImpl server_tls_props[] = {
 
238
    { "ServerCertificate", "server-certificate", NULL },
 
239
    { "Hostname", "hostname", NULL },
 
240
    { "ReferenceIdentities", "reference-identities", NULL },
 
241
    { NULL }
 
242
  };
 
243
 
 
244
  GObjectClass *oclass = G_OBJECT_CLASS (klass);
 
245
  TpBaseChannelClass *base_class = TP_BASE_CHANNEL_CLASS (klass);
 
246
  GParamSpec *pspec;
 
247
 
 
248
  g_type_class_add_private (klass, sizeof (IdleServerTLSChannelPrivate));
 
249
 
 
250
  oclass->get_property = idle_server_tls_channel_get_property;
 
251
  oclass->set_property = idle_server_tls_channel_set_property;
 
252
  oclass->dispose = idle_server_tls_channel_dispose;
 
253
  oclass->finalize = idle_server_tls_channel_finalize;
 
254
  oclass->constructed = idle_server_tls_channel_constructed;
 
255
 
 
256
  base_class->channel_type = TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION;
 
257
  base_class->target_handle_type = TP_HANDLE_TYPE_NONE;
 
258
  base_class->fill_immutable_properties =
 
259
      idle_server_tls_channel_fill_immutable_properties;
 
260
  base_class->get_object_path_suffix =
 
261
      idle_server_tls_channel_get_object_path_suffix;
 
262
  base_class->close = idle_server_tls_channel_close;
 
263
 
 
264
  pspec = g_param_spec_boxed ("server-certificate", "Server certificate path",
 
265
      "The object path of the server certificate.",
 
266
      DBUS_TYPE_G_OBJECT_PATH,
 
267
      G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
 
268
  g_object_class_install_property (oclass, PROP_SERVER_CERTIFICATE, pspec);
 
269
 
 
270
  pspec = g_param_spec_string ("hostname", "The hostname to be verified",
 
271
      "The hostname which should be certified by the server certificate.",
 
272
      NULL,
 
273
      G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
 
274
  g_object_class_install_property (oclass, PROP_HOSTNAME, pspec);
 
275
 
 
276
  pspec = g_param_spec_boxed ("reference-identities",
 
277
      "The various identities to check the certificate against",
 
278
      "The server certificate identity should match one of these identities.",
 
279
      G_TYPE_STRV,
 
280
      G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
 
281
  g_object_class_install_property (oclass, PROP_REFERENCE_IDENTITIES, pspec);
 
282
 
 
283
  pspec = g_param_spec_object ("certificate", "The GTLSCertificate",
 
284
      "The GTLSCertificate object containing the TLS information",
 
285
      G_TYPE_TLS_CERTIFICATE,
 
286
      G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
 
287
  g_object_class_install_property (oclass, PROP_CERTIFICATE, pspec);
 
288
 
 
289
  tp_dbus_properties_mixin_implement_interface (oclass,
 
290
      TP_IFACE_QUARK_CHANNEL_TYPE_SERVER_TLS_CONNECTION,
 
291
      tp_dbus_properties_mixin_getter_gobject_properties, NULL,
 
292
      server_tls_props);
 
293
}
 
294
 
 
295
static void
 
296
idle_server_tls_channel_close (TpBaseChannel *base)
 
297
{
 
298
  IDLE_DEBUG ("Close() called on the TLS channel %p", base);
 
299
  tp_base_channel_destroyed (base);
 
300
}
 
301
 
 
302
IdleTLSCertificate *
 
303
idle_server_tls_channel_get_certificate (IdleServerTLSChannel *self)
 
304
{
 
305
  return self->priv->server_cert;
 
306
}