/**
* g_tls_client_connection_new:
* @base_io_stream: the #GIOStream to wrap
* @server_identity: (allow-none): the expected identity of the server
* @error: #GError for error reporting, or %NULL to ignore.
*
* Creates a new #GTlsClientConnection wrapping @base_io_stream (which
* must have pollable input and output streams) which is assumed to
* communicate with the server identified by @server_identity.
*
* Return value: (transfer full) (type GTlsClientConnection): the new
* #GTlsClientConnection, or %NULL on error
*
* Since: 2.28
*/
GIOStream *
g_tls_client_connection_new (GIOStream *base_io_stream,
GSocketConnectable *server_identity,
GError **error)
{
GObject *conn;
GTlsBackend *backend;
backend = g_tls_backend_get_default ();
conn = g_initable_new (g_tls_backend_get_client_connection_type (backend),
NULL, error,
"base-io-stream", base_io_stream,
"server-identity", server_identity,
NULL);
return G_IO_STREAM (conn);
}
/**
* g_tls_server_connection_new:
* @base_io_stream: the #GIOStream to wrap
* @certificate: (allow-none): the default server certificate, or %NULL
* @error: #GError for error reporting, or %NULL to ignore.
*
* Creates a new #GTlsServerConnection wrapping @base_io_stream (which
* must have pollable input and output streams).
*
* Return value: (transfer full) (type GTlsServerConnection): the new
* #GTlsServerConnection, or %NULL on error
*
* Since: 2.28
*/
GIOStream *
g_tls_server_connection_new (GIOStream *base_io_stream,
GTlsCertificate *certificate,
GError **error)
{
GObject *conn;
GTlsBackend *backend;
backend = g_tls_backend_get_default ();
conn = g_initable_new (g_tls_backend_get_server_connection_type (backend),
NULL, error,
"base-io-stream", base_io_stream,
"certificate", certificate,
NULL);
return G_IO_STREAM (conn);
}
/**
* g_dtls_client_connection_new:
* @base_socket: the #GDatagramBased to wrap
* @server_identity: (allow-none): the expected identity of the server
* @error: #GError for error reporting, or %NULL to ignore.
*
* Creates a new #GDtlsClientConnection wrapping @base_socket which is
* assumed to communicate with the server identified by @server_identity.
*
* Returns: (transfer full) (type GDtlsClientConnection): the new
* #GDtlsClientConnection, or %NULL on error
*
* Since: 2.48
*/
GDatagramBased *
g_dtls_client_connection_new (GDatagramBased *base_socket,
GSocketConnectable *server_identity,
GError **error)
{
GObject *conn;
GTlsBackend *backend;
backend = g_tls_backend_get_default ();
conn = g_initable_new (g_tls_backend_get_dtls_client_connection_type (backend),
NULL, error,
"base-socket", base_socket,
"server-identity", server_identity,
NULL);
return G_DATAGRAM_BASED (conn);
}
void
test_init (int argc, char **argv, GOptionEntry *entries)
{
GOptionContext *opts;
char *name;
GError *error = NULL;
GTlsBackend *tls_backend;
setlocale (LC_ALL, "");
g_type_init ();
name = strrchr (argv[0], '/');
if (!name++)
name = argv[0];
if (!strncmp (name, "lt-", 3))
name += 3;
g_set_prgname (name);
opts = g_option_context_new (NULL);
g_option_context_add_main_entries (opts, debug_entry, NULL);
if (entries)
g_option_context_add_main_entries (opts, entries, NULL);
if (!g_option_context_parse (opts, &argc, &argv, &error)) {
g_printerr ("Could not parse arguments: %s\n",
error->message);
g_printerr ("%s",
g_option_context_get_help (opts, TRUE, NULL));
exit (1);
}
g_option_context_free (opts);
if (debug_level > 0 || http_debug_level > 0)
parallelize = !parallelize;
/* Exit cleanly on ^C in case we're valgrinding. */
signal (SIGINT, quit);
g_log_set_default_handler (test_log_handler, NULL);
tls_backend = g_tls_backend_get_default ();
tls_available = g_tls_backend_supports_tls (tls_backend);
}
static gboolean do_connect(MegaHttpClient* http_client, GCancellable* cancellable, GError** err)
{
GError* local_err = NULL;
g_return_val_if_fail(MEGA_IS_HTTP_CLIENT(http_client), FALSE);
g_return_val_if_fail(err == NULL || *err == NULL, FALSE);
MegaHttpClientPrivate* priv = http_client->priv;
do_disconnect(http_client);
// enable/disable TLS
if (priv->https)
{
if (!g_tls_backend_supports_tls(g_tls_backend_get_default()))
{
g_set_error(err, MEGA_HTTP_CLIENT_ERROR, MEGA_HTTP_CLIENT_ERROR_OTHER, "TLS backend not found, please install glib-networking.");
return FALSE;
}
g_socket_client_set_tls(priv->client, TRUE);
}
else
{
g_socket_client_set_tls(priv->client, FALSE);
}
priv->conn = g_socket_client_connect_to_host(priv->client, priv->host, priv->port, cancellable, &local_err);
if (!priv->conn)
{
g_propagate_prefixed_error(err, local_err, "Connection failed: ");
return FALSE;
}
GDataInputStream* data_stream = g_data_input_stream_new(g_io_stream_get_input_stream(G_IO_STREAM(http_client->priv->conn)));
g_data_input_stream_set_newline_type(data_stream, G_DATA_STREAM_NEWLINE_TYPE_ANY);
priv->istream = G_INPUT_STREAM(data_stream);
priv->ostream = g_object_ref(g_io_stream_get_output_stream(G_IO_STREAM(http_client->priv->conn)));
return TRUE;
}
static GTlsCertificate *
tls_certificate_new_internal (const gchar *certificate_pem,
const gchar *private_key_pem,
GTlsCertificate *issuer,
GError **error)
{
GObject *cert;
GTlsBackend *backend;
backend = g_tls_backend_get_default ();
cert = g_initable_new (g_tls_backend_get_certificate_type (backend),
NULL, error,
"certificate-pem", certificate_pem,
"private-key-pem", private_key_pem,
"issuer", issuer,
NULL);
return G_TLS_CERTIFICATE (cert);
}
static void
g_tls_connection_base_set_property (GObject *object,
guint prop_id,
const GValue *value,
GParamSpec *pspec)
{
GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (object);
GInputStream *istream;
GOutputStream *ostream;
gboolean system_certdb;
GTlsBackend *backend;
switch (prop_id)
{
case PROP_BASE_IO_STREAM:
if (tls->base_io_stream)
{
g_object_unref (tls->base_io_stream);
tls->base_istream = NULL;
tls->base_ostream = NULL;
}
tls->base_io_stream = g_value_dup_object (value);
if (!tls->base_io_stream)
return;
istream = g_io_stream_get_input_stream (tls->base_io_stream);
ostream = g_io_stream_get_output_stream (tls->base_io_stream);
if (G_IS_POLLABLE_INPUT_STREAM (istream) &&
g_pollable_input_stream_can_poll (G_POLLABLE_INPUT_STREAM (istream)))
{
tls->base_istream = G_POLLABLE_INPUT_STREAM (istream);
tls->tls_istream = g_tls_input_stream_base_new (tls);
}
if (G_IS_POLLABLE_OUTPUT_STREAM (ostream) &&
g_pollable_output_stream_can_poll (G_POLLABLE_OUTPUT_STREAM (ostream)))
{
tls->base_ostream = G_POLLABLE_OUTPUT_STREAM (ostream);
tls->tls_ostream = g_tls_output_stream_base_new (tls);
}
break;
case PROP_REQUIRE_CLOSE_NOTIFY:
tls->require_close_notify = g_value_get_boolean (value);
break;
case PROP_REHANDSHAKE_MODE:
tls->rehandshake_mode = g_value_get_enum (value);
break;
case PROP_USE_SYSTEM_CERTDB:
system_certdb = g_value_get_boolean (value);
if (system_certdb != tls->is_system_certdb)
{
g_clear_object (&tls->database);
if (system_certdb)
{
backend = g_tls_backend_get_default ();
tls->database = g_tls_backend_get_default_database (backend);
}
tls->is_system_certdb = system_certdb;
tls->database_is_unset = FALSE;
}
break;
case PROP_DATABASE:
g_clear_object (&tls->database);
tls->database = g_value_dup_object (value);
tls->is_system_certdb = FALSE;
tls->database_is_unset = FALSE;
break;
case PROP_CERTIFICATE:
if (tls->certificate)
g_object_unref (tls->certificate);
tls->certificate = g_value_dup_object (value);
break;
case PROP_INTERACTION:
g_clear_object (&tls->interaction);
tls->interaction = g_value_dup_object (value);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
}
}
static gboolean
run_server (guint * http_port, guint * https_port)
{
guint port = SOUP_ADDRESS_ANY_PORT;
guint ssl_port = SOUP_ADDRESS_ANY_PORT;
const char *ssl_cert_file = GST_TEST_FILES_PATH "/test-cert.pem";
const char *ssl_key_file = GST_TEST_FILES_PATH "/test-key.pem";
static int server_running = 0;
GSocketAddress *address;
GError *err = NULL;
SoupAuthDomain *domain = NULL;
if (server_running)
return TRUE;
server_running = 1;
*http_port = *https_port = 0;
server = soup_server_new (NULL, NULL);
if (!server) {
GST_DEBUG ("Unable to create server");
return FALSE;
}
soup_server_add_handler (server, NULL, server_callback, NULL, NULL);
domain = soup_auth_domain_basic_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, basic_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, basic_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
domain = soup_auth_domain_digest_new (SOUP_AUTH_DOMAIN_REALM, realm,
SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, digest_auth_cb,
SOUP_AUTH_DOMAIN_ADD_PATH, digest_auth_path, NULL);
soup_server_add_auth_domain (server, domain);
g_object_unref (domain);
address = g_inet_socket_address_new_from_string ("0.0.0.0", port);
soup_server_listen (server, address, 0, &err);
g_object_unref (address);
if (err) {
stop_server ();
g_clear_error (&err);
return FALSE;
}
*http_port = get_port_from_server (server);
GST_DEBUG ("HTTP server listening on port %u", *http_port);
if (ssl_cert_file && ssl_key_file) {
GTlsBackend *backend = g_tls_backend_get_default ();
if (backend != NULL && g_tls_backend_supports_tls (backend)) {
ssl_server = soup_server_new (SOUP_SERVER_SSL_CERT_FILE, ssl_cert_file,
SOUP_SERVER_SSL_KEY_FILE, ssl_key_file, NULL);
} else {
GST_INFO ("No TLS support");
}
if (ssl_server) {
GST_INFO ("HTTPS server listening on port %u", *https_port);
soup_server_add_handler (ssl_server, NULL, server_callback, NULL, NULL);
address = g_inet_socket_address_new_from_string ("0.0.0.0", ssl_port);
soup_server_listen (ssl_server, address, SOUP_SERVER_LISTEN_HTTPS, &err);
g_object_unref (address);
if (err) {
GST_ERROR ("Failed to start HTTPS server: %s", err->message);
stop_server ();
g_clear_error (&err);
return FALSE;
}
*https_port = get_port_from_server (ssl_server);
GST_DEBUG ("HTTPS server listening on port %u", *https_port);
}
}
/* check if we can connect to our local http server */
{
GSocketConnection *conn;
GSocketClient *client;
client = g_socket_client_new ();
g_socket_client_set_timeout (client, 2);
conn = g_socket_client_connect_to_host (client, "127.0.0.1", *http_port,
NULL, NULL);
if (conn == NULL) {
GST_INFO ("Couldn't connect to http server 127.0.0.1:%u", *http_port);
g_object_unref (client);
stop_server ();
return FALSE;
}
g_object_unref (conn);
if (ssl_server == NULL)
goto skip_https_check;
conn = g_socket_client_connect_to_host (client, "127.0.0.1", *https_port,
NULL, NULL);
if (conn == NULL) {
GST_INFO ("Couldn't connect to https server 127.0.0.1:%u", *https_port);
g_object_unref (client);
stop_server ();
return FALSE;
}
g_object_unref (conn);
skip_https_check:
g_object_unref (client);
}
return TRUE;
}
