From c0686e978da2010088758d28f6042b41a1110b56 Mon Sep 17 00:00:00 2001 From: Jeffrey Stedfast Date: Thu, 15 Mar 2001 02:33:34 +0000 Subject: Pass the service into the SSL stream, not the session. 2001-03-14 Jeffrey Stedfast * camel-remote-store.c (remote_connect): Pass the service into the SSL stream, not the session. * camel-tcp-stream-ssl.c (camel_tcp_stream_ssl_init): Set the service to NULL. (camel_tcp_stream_ssl_finalize): Unref the service. (camel_tcp_stream_ssl_new): Takes a CamelService arg now rather than a CamelSession arg. svn path=/trunk/; revision=8720 --- camel/ChangeLog | 11 +++++++++++ camel/camel-remote-store.c | 2 +- camel/camel-tcp-stream-ssl.c | 38 +++++++++++++++++++++----------------- camel/camel-tcp-stream-ssl.h | 8 ++++---- 4 files changed, 37 insertions(+), 22 deletions(-) diff --git a/camel/ChangeLog b/camel/ChangeLog index a1f0bcafab..de3ff8ecdf 100644 --- a/camel/ChangeLog +++ b/camel/ChangeLog @@ -1,3 +1,14 @@ +2001-03-14 Jeffrey Stedfast + + * camel-remote-store.c (remote_connect): Pass the service into the + SSL stream, not the session. + + * camel-tcp-stream-ssl.c (camel_tcp_stream_ssl_init): Set the + service to NULL. + (camel_tcp_stream_ssl_finalize): Unref the service. + (camel_tcp_stream_ssl_new): Takes a CamelService arg now rather + than a CamelSession arg. + 2001-03-14 Jeffrey Stedfast * camel.c (camel_init): So it turns out that NSS_Init *isn't* diff --git a/camel/camel-remote-store.c b/camel/camel-remote-store.c index 3f66d6a462..ef06eb71ec 100644 --- a/camel/camel-remote-store.c +++ b/camel/camel-remote-store.c @@ -218,7 +218,7 @@ remote_connect (CamelService *service, CamelException *ex) #ifdef HAVE_NSS if (store->use_ssl) - tcp_stream = camel_tcp_stream_ssl_new (service->session, service->url->host); + tcp_stream = camel_tcp_stream_ssl_new (service, service->url->host); else tcp_stream = camel_tcp_stream_raw_new (); #else diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c index e34cef0202..4b2d4fc578 100644 --- a/camel/camel-tcp-stream-ssl.c +++ b/camel/camel-tcp-stream-ssl.c @@ -25,6 +25,7 @@ #ifdef HAVE_NSS #include "camel-tcp-stream-ssl.h" +#include "camel-session.h" #include #include #include @@ -84,7 +85,7 @@ camel_tcp_stream_ssl_init (gpointer object, gpointer klass) CamelTcpStreamSSL *stream = CAMEL_TCP_STREAM_SSL (object); stream->sockfd = NULL; - stream->session = NULL; + stream->service = NULL; stream->expected_host = NULL; } @@ -96,7 +97,7 @@ camel_tcp_stream_ssl_finalize (CamelObject *object) if (stream->sockfd != NULL) PR_Close (stream->sockfd); - camel_object_unref (CAMEL_OBJECT (stream->session)); + camel_object_unref (CAMEL_OBJECT (stream->service)); g_free (stream->expected_host); } @@ -122,24 +123,24 @@ camel_tcp_stream_ssl_get_type (void) /** * camel_tcp_stream_ssl_new: - * @session: camel session + * @service: camel service * @expected_host: host that the stream is expected to connect with. * * Since the SSL certificate authenticator may need to prompt the - * user, a CamelSession is needed. #expected_host is needed as a + * user, a CamelService is needed. #expected_host is needed as a * protection against an MITM attack. * * Return value: a tcp stream **/ CamelStream * -camel_tcp_stream_ssl_new (CamelSession *session, const char *expected_host) +camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host) { CamelTcpStreamSSL *stream; stream = CAMEL_TCP_STREAM_SSL (camel_object_new (camel_tcp_stream_ssl_get_type ())); - camel_object_ref (CAMEL_OBJECT (session)); - stream->session = session; + camel_object_ref (CAMEL_OBJECT (service)); + stream->service = service; stream->expected_host = g_strdup (expected_host); return CAMEL_STREAM (stream); @@ -221,23 +222,26 @@ ssl_auth_cert (void *data, PRFileDesc *fd, PRBool checksig, PRBool is_server) static SECStatus ssl_bad_cert (void *data, PRFileDesc *fd) { - CamelSession *session; + CamelService *service; + char *string, *err; gpointer accept; - char *string; PRInt32 len; g_return_val_if_fail (data != NULL, SECFailure); - g_return_val_if_fail (CAMEL_IS_SESSION (data), SECFailure); + g_return_val_if_fail (CAMEL_IS_SERVICE (data), SECFailure); - session = CAMEL_SESSION (data); + service = CAMEL_SERVICE (data); /* FIXME: International issues here?? */ len = PR_GetErrorTextLength (); - string = g_malloc0 (len + 1); - PR_GetErrorText (string); + err = g_malloc0 (len + 1); + PR_GetErrorText (err); - accept = camel_session_query_authenticator (session, CAMEL_AUTHENTICATOR_ACCEPT, - string, FALSE, NULL, NULL, NULL); + string = g_strdup_printf (_("Do you wish to accept this certificate from %s?\n\n%s"), + service->url->host, err); + + accept = camel_session_query_authenticator (service->session, CAMEL_AUTHENTICATOR_ACCEPT, + string, FALSE, service, NULL, NULL); if (GPOINTER_TO_INT (accept)) return SECSuccess; @@ -273,8 +277,8 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port) return -1; } - SSL_AuthCertificateHook (ssl_fd, ssl_auth_cert, NULL); - SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl->session); + /*SSL_AuthCertificateHook (ssl_fd, ssl_auth_cert, NULL);*/ + SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl->service); ssl->sockfd = ssl_fd; diff --git a/camel/camel-tcp-stream-ssl.h b/camel/camel-tcp-stream-ssl.h index ef4e21126c..883e1cda2a 100644 --- a/camel/camel-tcp-stream-ssl.h +++ b/camel/camel-tcp-stream-ssl.h @@ -34,8 +34,8 @@ extern "C" { #ifdef HAVE_NSS #include -#include -#include +#include +#include #define CAMEL_TCP_STREAM_SSL_TYPE (camel_tcp_stream_ssl_get_type ()) #define CAMEL_TCP_STREAM_SSL(obj) (CAMEL_CHECK_CAST((obj), CAMEL_TCP_STREAM_SSL_TYPE, CamelTcpStreamSSL)) @@ -47,7 +47,7 @@ struct _CamelTcpStreamSSL { PRFileDesc *sockfd; - CamelSession *session; + CamelService *service; char *expected_host; }; @@ -62,7 +62,7 @@ typedef struct { CamelType camel_tcp_stream_ssl_get_type (void); /* public methods */ -CamelStream *camel_tcp_stream_ssl_new (CamelSession *session, const char *expected_host); +CamelStream *camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host); #endif /* HAVE_NSS */ -- cgit v1.2.3