/** * g_tls_client_connection_new: * @base_io_stream: the #GIOStream to wrap * @server_identity: (allow-none): the expected identity of the server * @error: #GError for error reporting, or %NULL to ignore. * * Creates a new #GTlsClientConnection wrapping @base_io_stream (which * must have pollable input and output streams) which is assumed to * communicate with the server identified by @server_identity. * * Return value: (transfer full) (type GTlsClientConnection): the new * #GTlsClientConnection, or %NULL on error * * Since: 2.28 */ GIOStream * g_tls_client_connection_new (GIOStream *base_io_stream, GSocketConnectable *server_identity, GError **error) { GObject *conn; GTlsBackend *backend; backend = g_tls_backend_get_default (); conn = g_initable_new (g_tls_backend_get_client_connection_type (backend), NULL, error, "base-io-stream", base_io_stream, "server-identity", server_identity, NULL); return G_IO_STREAM (conn); }
/** * g_tls_server_connection_new: * @base_io_stream: the #GIOStream to wrap * @certificate: (allow-none): the default server certificate, or %NULL * @error: #GError for error reporting, or %NULL to ignore. * * Creates a new #GTlsServerConnection wrapping @base_io_stream (which * must have pollable input and output streams). * * Return value: (transfer full) (type GTlsServerConnection): the new * #GTlsServerConnection, or %NULL on error * * Since: 2.28 */ GIOStream * g_tls_server_connection_new (GIOStream *base_io_stream, GTlsCertificate *certificate, GError **error) { GObject *conn; GTlsBackend *backend; backend = g_tls_backend_get_default (); conn = g_initable_new (g_tls_backend_get_server_connection_type (backend), NULL, error, "base-io-stream", base_io_stream, "certificate", certificate, NULL); return G_IO_STREAM (conn); }
/** * g_dtls_client_connection_new: * @base_socket: the #GDatagramBased to wrap * @server_identity: (allow-none): the expected identity of the server * @error: #GError for error reporting, or %NULL to ignore. * * Creates a new #GDtlsClientConnection wrapping @base_socket which is * assumed to communicate with the server identified by @server_identity. * * Returns: (transfer full) (type GDtlsClientConnection): the new * #GDtlsClientConnection, or %NULL on error * * Since: 2.48 */ GDatagramBased * g_dtls_client_connection_new (GDatagramBased *base_socket, GSocketConnectable *server_identity, GError **error) { GObject *conn; GTlsBackend *backend; backend = g_tls_backend_get_default (); conn = g_initable_new (g_tls_backend_get_dtls_client_connection_type (backend), NULL, error, "base-socket", base_socket, "server-identity", server_identity, NULL); return G_DATAGRAM_BASED (conn); }
void test_init (int argc, char **argv, GOptionEntry *entries) { GOptionContext *opts; char *name; GError *error = NULL; GTlsBackend *tls_backend; setlocale (LC_ALL, ""); g_type_init (); name = strrchr (argv[0], '/'); if (!name++) name = argv[0]; if (!strncmp (name, "lt-", 3)) name += 3; g_set_prgname (name); opts = g_option_context_new (NULL); g_option_context_add_main_entries (opts, debug_entry, NULL); if (entries) g_option_context_add_main_entries (opts, entries, NULL); if (!g_option_context_parse (opts, &argc, &argv, &error)) { g_printerr ("Could not parse arguments: %s\n", error->message); g_printerr ("%s", g_option_context_get_help (opts, TRUE, NULL)); exit (1); } g_option_context_free (opts); if (debug_level > 0 || http_debug_level > 0) parallelize = !parallelize; /* Exit cleanly on ^C in case we're valgrinding. */ signal (SIGINT, quit); g_log_set_default_handler (test_log_handler, NULL); tls_backend = g_tls_backend_get_default (); tls_available = g_tls_backend_supports_tls (tls_backend); }
static gboolean do_connect(MegaHttpClient* http_client, GCancellable* cancellable, GError** err) { GError* local_err = NULL; g_return_val_if_fail(MEGA_IS_HTTP_CLIENT(http_client), FALSE); g_return_val_if_fail(err == NULL || *err == NULL, FALSE); MegaHttpClientPrivate* priv = http_client->priv; do_disconnect(http_client); // enable/disable TLS if (priv->https) { if (!g_tls_backend_supports_tls(g_tls_backend_get_default())) { g_set_error(err, MEGA_HTTP_CLIENT_ERROR, MEGA_HTTP_CLIENT_ERROR_OTHER, "TLS backend not found, please install glib-networking."); return FALSE; } g_socket_client_set_tls(priv->client, TRUE); } else { g_socket_client_set_tls(priv->client, FALSE); } priv->conn = g_socket_client_connect_to_host(priv->client, priv->host, priv->port, cancellable, &local_err); if (!priv->conn) { g_propagate_prefixed_error(err, local_err, "Connection failed: "); return FALSE; } GDataInputStream* data_stream = g_data_input_stream_new(g_io_stream_get_input_stream(G_IO_STREAM(http_client->priv->conn))); g_data_input_stream_set_newline_type(data_stream, G_DATA_STREAM_NEWLINE_TYPE_ANY); priv->istream = G_INPUT_STREAM(data_stream); priv->ostream = g_object_ref(g_io_stream_get_output_stream(G_IO_STREAM(http_client->priv->conn))); return TRUE; }
static GTlsCertificate * tls_certificate_new_internal (const gchar *certificate_pem, const gchar *private_key_pem, GTlsCertificate *issuer, GError **error) { GObject *cert; GTlsBackend *backend; backend = g_tls_backend_get_default (); cert = g_initable_new (g_tls_backend_get_certificate_type (backend), NULL, error, "certificate-pem", certificate_pem, "private-key-pem", private_key_pem, "issuer", issuer, NULL); return G_TLS_CERTIFICATE (cert); }
static void g_tls_connection_base_set_property (GObject *object, guint prop_id, const GValue *value, GParamSpec *pspec) { GTlsConnectionBase *tls = G_TLS_CONNECTION_BASE (object); GInputStream *istream; GOutputStream *ostream; gboolean system_certdb; GTlsBackend *backend; switch (prop_id) { case PROP_BASE_IO_STREAM: if (tls->base_io_stream) { g_object_unref (tls->base_io_stream); tls->base_istream = NULL; tls->base_ostream = NULL; } tls->base_io_stream = g_value_dup_object (value); if (!tls->base_io_stream) return; istream = g_io_stream_get_input_stream (tls->base_io_stream); ostream = g_io_stream_get_output_stream (tls->base_io_stream); if (G_IS_POLLABLE_INPUT_STREAM (istream) && g_pollable_input_stream_can_poll (G_POLLABLE_INPUT_STREAM (istream))) { tls->base_istream = G_POLLABLE_INPUT_STREAM (istream); tls->tls_istream = g_tls_input_stream_base_new (tls); } if (G_IS_POLLABLE_OUTPUT_STREAM (ostream) && g_pollable_output_stream_can_poll (G_POLLABLE_OUTPUT_STREAM (ostream))) { tls->base_ostream = G_POLLABLE_OUTPUT_STREAM (ostream); tls->tls_ostream = g_tls_output_stream_base_new (tls); } break; case PROP_REQUIRE_CLOSE_NOTIFY: tls->require_close_notify = g_value_get_boolean (value); break; case PROP_REHANDSHAKE_MODE: tls->rehandshake_mode = g_value_get_enum (value); break; case PROP_USE_SYSTEM_CERTDB: system_certdb = g_value_get_boolean (value); if (system_certdb != tls->is_system_certdb) { g_clear_object (&tls->database); if (system_certdb) { backend = g_tls_backend_get_default (); tls->database = g_tls_backend_get_default_database (backend); } tls->is_system_certdb = system_certdb; tls->database_is_unset = FALSE; } break; case PROP_DATABASE: g_clear_object (&tls->database); tls->database = g_value_dup_object (value); tls->is_system_certdb = FALSE; tls->database_is_unset = FALSE; break; case PROP_CERTIFICATE: if (tls->certificate) g_object_unref (tls->certificate); tls->certificate = g_value_dup_object (value); break; case PROP_INTERACTION: g_clear_object (&tls->interaction); tls->interaction = g_value_dup_object (value); break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); } }
static gboolean run_server (guint * http_port, guint * https_port) { guint port = SOUP_ADDRESS_ANY_PORT; guint ssl_port = SOUP_ADDRESS_ANY_PORT; const char *ssl_cert_file = GST_TEST_FILES_PATH "/test-cert.pem"; const char *ssl_key_file = GST_TEST_FILES_PATH "/test-key.pem"; static int server_running = 0; GSocketAddress *address; GError *err = NULL; SoupAuthDomain *domain = NULL; if (server_running) return TRUE; server_running = 1; *http_port = *https_port = 0; server = soup_server_new (NULL, NULL); if (!server) { GST_DEBUG ("Unable to create server"); return FALSE; } soup_server_add_handler (server, NULL, server_callback, NULL, NULL); domain = soup_auth_domain_basic_new (SOUP_AUTH_DOMAIN_REALM, realm, SOUP_AUTH_DOMAIN_BASIC_AUTH_CALLBACK, basic_auth_cb, SOUP_AUTH_DOMAIN_ADD_PATH, basic_auth_path, NULL); soup_server_add_auth_domain (server, domain); g_object_unref (domain); domain = soup_auth_domain_digest_new (SOUP_AUTH_DOMAIN_REALM, realm, SOUP_AUTH_DOMAIN_DIGEST_AUTH_CALLBACK, digest_auth_cb, SOUP_AUTH_DOMAIN_ADD_PATH, digest_auth_path, NULL); soup_server_add_auth_domain (server, domain); g_object_unref (domain); address = g_inet_socket_address_new_from_string ("0.0.0.0", port); soup_server_listen (server, address, 0, &err); g_object_unref (address); if (err) { stop_server (); g_clear_error (&err); return FALSE; } *http_port = get_port_from_server (server); GST_DEBUG ("HTTP server listening on port %u", *http_port); if (ssl_cert_file && ssl_key_file) { GTlsBackend *backend = g_tls_backend_get_default (); if (backend != NULL && g_tls_backend_supports_tls (backend)) { ssl_server = soup_server_new (SOUP_SERVER_SSL_CERT_FILE, ssl_cert_file, SOUP_SERVER_SSL_KEY_FILE, ssl_key_file, NULL); } else { GST_INFO ("No TLS support"); } if (ssl_server) { GST_INFO ("HTTPS server listening on port %u", *https_port); soup_server_add_handler (ssl_server, NULL, server_callback, NULL, NULL); address = g_inet_socket_address_new_from_string ("0.0.0.0", ssl_port); soup_server_listen (ssl_server, address, SOUP_SERVER_LISTEN_HTTPS, &err); g_object_unref (address); if (err) { GST_ERROR ("Failed to start HTTPS server: %s", err->message); stop_server (); g_clear_error (&err); return FALSE; } *https_port = get_port_from_server (ssl_server); GST_DEBUG ("HTTPS server listening on port %u", *https_port); } } /* check if we can connect to our local http server */ { GSocketConnection *conn; GSocketClient *client; client = g_socket_client_new (); g_socket_client_set_timeout (client, 2); conn = g_socket_client_connect_to_host (client, "127.0.0.1", *http_port, NULL, NULL); if (conn == NULL) { GST_INFO ("Couldn't connect to http server 127.0.0.1:%u", *http_port); g_object_unref (client); stop_server (); return FALSE; } g_object_unref (conn); if (ssl_server == NULL) goto skip_https_check; conn = g_socket_client_connect_to_host (client, "127.0.0.1", *https_port, NULL, NULL); if (conn == NULL) { GST_INFO ("Couldn't connect to https server 127.0.0.1:%u", *https_port); g_object_unref (client); stop_server (); return FALSE; } g_object_unref (conn); skip_https_check: g_object_unref (client); } return TRUE; }