2
* server-tls-channel.c - Source for IdleServerTLSChannel
3
* Copyright (C) 2010 Collabora Ltd.
4
* @author Cosimo Cecchi <cosimo.cecchi@collabora.co.uk>
6
* This library is free software; you can redistribute it and/or
7
* modify it under the terms of the GNU Lesser General Public
8
* License as published by the Free Software Foundation; either
9
* version 2.1 of the License, or (at your option) any later version.
11
* This library is distributed in the hope that it will be useful,
12
* but WITHOUT ANY WARRANTY; without even the implied warranty of
13
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14
* Lesser General Public License for more details.
16
* You should have received a copy of the GNU Lesser General Public
17
* License along with this library; if not, write to the Free Software
18
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23
#include "server-tls-channel.h"
26
#include <telepathy-glib/telepathy-glib.h>
27
#include <telepathy-glib/telepathy-glib-dbus.h>
29
#define IDLE_DEBUG_FLAG IDLE_DEBUG_TLS
30
#include "idle-debug.h"
31
#include "tls-certificate.h"
33
G_DEFINE_TYPE_WITH_CODE (IdleServerTLSChannel, idle_server_tls_channel,
35
G_IMPLEMENT_INTERFACE (TP_TYPE_SVC_CHANNEL_TYPE_SERVER_TLS_CONNECTION,
38
static void idle_server_tls_channel_close (TpBaseChannel *base);
41
/* server TLS channel iface */
42
PROP_SERVER_CERTIFICATE = 1,
44
PROP_REFERENCE_IDENTITIES,
52
struct _IdleServerTLSChannelPrivate {
53
GTlsCertificate *certificate;
55
IdleTLSCertificate *server_cert;
56
gchar *server_cert_path;
58
GStrv reference_identities;
60
gboolean dispose_has_run;
64
idle_server_tls_channel_get_property (GObject *object,
69
IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
73
case PROP_SERVER_CERTIFICATE:
74
g_value_set_boxed (value, self->priv->server_cert_path);
77
g_value_set_string (value, self->priv->hostname);
79
case PROP_REFERENCE_IDENTITIES:
80
g_value_set_boxed (value, self->priv->reference_identities);
82
case PROP_CERTIFICATE:
83
g_value_set_object (value, self->priv->certificate);
86
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
92
idle_server_tls_channel_set_property (GObject *object,
97
IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
101
case PROP_CERTIFICATE:
102
self->priv->certificate = g_value_dup_object (value);
105
self->priv->hostname = g_value_dup_string (value);
107
case PROP_REFERENCE_IDENTITIES:
108
self->priv->reference_identities = g_value_dup_boxed (value);
111
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
117
idle_server_tls_channel_finalize (GObject *object)
119
IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
121
IDLE_DEBUG ("Finalize TLS channel");
123
g_free (self->priv->server_cert_path);
124
g_free (self->priv->hostname);
125
g_strfreev (self->priv->reference_identities);
127
G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->finalize (object);
131
idle_server_tls_channel_dispose (GObject *object)
133
IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
135
if (self->priv->dispose_has_run)
138
IDLE_DEBUG ("Dispose TLS channel");
140
self->priv->dispose_has_run = TRUE;
142
tp_clear_object (&self->priv->server_cert);
143
tp_clear_object (&self->priv->certificate);
145
G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->dispose (object);
149
idle_server_tls_channel_constructed (GObject *object)
151
IdleServerTLSChannel *self = IDLE_SERVER_TLS_CHANNEL (object);
152
TpBaseChannel *base = TP_BASE_CHANNEL (self);
153
void (*chain_up) (GObject *) =
154
G_OBJECT_CLASS (idle_server_tls_channel_parent_class)->constructed;
156
gchar *cert_object_path;
157
GPtrArray *certificates;
158
GTlsCertificate *cert;
160
if (chain_up != NULL)
163
tp_base_channel_register (base);
165
/* create the TLS certificate object */
166
path = tp_base_channel_get_object_path (base);
167
cert_object_path = g_strdup_printf ("%s/TLSCertificateObject", path);
168
certificates = g_ptr_array_new ();
170
/* Setup the full chain */
171
cert = self->priv->certificate;
178
"certificate", &content,
180
c = g_array_sized_new (TRUE, TRUE, sizeof (guchar), content->len);
181
g_array_append_vals (c, content->data, content->len);
182
g_ptr_array_add (certificates, c);
184
g_byte_array_unref (content);
186
cert = g_tls_certificate_get_issuer (cert);
189
self->priv->server_cert = g_object_new (IDLE_TYPE_TLS_CERTIFICATE,
190
"object-path", cert_object_path,
191
"certificate-chain-data", certificates,
192
"certificate-type", "x509",
194
tp_base_connection_get_dbus_daemon (
195
tp_base_channel_get_connection (TP_BASE_CHANNEL (self))),
197
self->priv->server_cert_path = cert_object_path;
198
g_ptr_array_unref (certificates);
200
IDLE_DEBUG ("Server TLS channel constructed at %s", path);
204
idle_server_tls_channel_fill_immutable_properties (
206
GHashTable *properties)
208
TP_BASE_CHANNEL_CLASS (idle_server_tls_channel_parent_class)
209
->fill_immutable_properties (chan, properties);
211
tp_dbus_properties_mixin_fill_properties_hash (
212
G_OBJECT (chan), properties,
213
TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "ServerCertificate",
214
TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "Hostname",
215
TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION, "ReferenceIdentities",
220
idle_server_tls_channel_get_object_path_suffix (TpBaseChannel *base)
222
static guint count = 0;
224
return g_strdup_printf ("ServerTLSChannel%u", ++count);
228
idle_server_tls_channel_init (IdleServerTLSChannel *self)
230
self->priv = G_TYPE_INSTANCE_GET_PRIVATE (self,
231
IDLE_TYPE_SERVER_TLS_CHANNEL, IdleServerTLSChannelPrivate);
235
idle_server_tls_channel_class_init (IdleServerTLSChannelClass *klass)
237
static TpDBusPropertiesMixinPropImpl server_tls_props[] = {
238
{ "ServerCertificate", "server-certificate", NULL },
239
{ "Hostname", "hostname", NULL },
240
{ "ReferenceIdentities", "reference-identities", NULL },
244
GObjectClass *oclass = G_OBJECT_CLASS (klass);
245
TpBaseChannelClass *base_class = TP_BASE_CHANNEL_CLASS (klass);
248
g_type_class_add_private (klass, sizeof (IdleServerTLSChannelPrivate));
250
oclass->get_property = idle_server_tls_channel_get_property;
251
oclass->set_property = idle_server_tls_channel_set_property;
252
oclass->dispose = idle_server_tls_channel_dispose;
253
oclass->finalize = idle_server_tls_channel_finalize;
254
oclass->constructed = idle_server_tls_channel_constructed;
256
base_class->channel_type = TP_IFACE_CHANNEL_TYPE_SERVER_TLS_CONNECTION;
257
base_class->target_handle_type = TP_HANDLE_TYPE_NONE;
258
base_class->fill_immutable_properties =
259
idle_server_tls_channel_fill_immutable_properties;
260
base_class->get_object_path_suffix =
261
idle_server_tls_channel_get_object_path_suffix;
262
base_class->close = idle_server_tls_channel_close;
264
pspec = g_param_spec_boxed ("server-certificate", "Server certificate path",
265
"The object path of the server certificate.",
266
DBUS_TYPE_G_OBJECT_PATH,
267
G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
268
g_object_class_install_property (oclass, PROP_SERVER_CERTIFICATE, pspec);
270
pspec = g_param_spec_string ("hostname", "The hostname to be verified",
271
"The hostname which should be certified by the server certificate.",
273
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
274
g_object_class_install_property (oclass, PROP_HOSTNAME, pspec);
276
pspec = g_param_spec_boxed ("reference-identities",
277
"The various identities to check the certificate against",
278
"The server certificate identity should match one of these identities.",
280
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
281
g_object_class_install_property (oclass, PROP_REFERENCE_IDENTITIES, pspec);
283
pspec = g_param_spec_object ("certificate", "The GTLSCertificate",
284
"The GTLSCertificate object containing the TLS information",
285
G_TYPE_TLS_CERTIFICATE,
286
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS);
287
g_object_class_install_property (oclass, PROP_CERTIFICATE, pspec);
289
tp_dbus_properties_mixin_implement_interface (oclass,
290
TP_IFACE_QUARK_CHANNEL_TYPE_SERVER_TLS_CONNECTION,
291
tp_dbus_properties_mixin_getter_gobject_properties, NULL,
296
idle_server_tls_channel_close (TpBaseChannel *base)
298
IDLE_DEBUG ("Close() called on the TLS channel %p", base);
299
tp_base_channel_destroyed (base);
303
idle_server_tls_channel_get_certificate (IdleServerTLSChannel *self)
305
return self->priv->server_cert;