[Goodies-commits] r5236 - xfce4-mailwatch-plugin/trunk/libmailwatch-core

Brian Tarricone kelnos at xfce.org
Sat Aug 16 10:48:21 CEST 2008


Author: kelnos
Date: 2008-08-16 08:48:21 +0000 (Sat, 16 Aug 2008)
New Revision: 5236

Modified:
   xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.c
   xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.h
Log:
remove all network/security code from mailwatch-utils.[ch]

Modified: xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.c
===================================================================
--- xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.c	2008-08-16 08:48:10 UTC (rev 5235)
+++ xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.c	2008-08-16 08:48:21 UTC (rev 5236)
@@ -42,42 +42,14 @@
 #include <sys/types.h>
 #endif
 
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#if HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_SYS_SELECT_H
-#include <sys/select.h>
-#endif
-
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-
 #ifdef HAVE_ERRNO_H
 #include <errno.h>
 #endif
 
-#ifndef MSG_NOSIGNAL
-#define MSG_NOSIGNAL 0
+#ifdef HAVE_SSL_SUPPORT
+#include <gcrypt.h>
 #endif
 
-#ifndef AI_ADDRCONFIG
-#define AI_ADDRCONFIG 0
-#endif
-
 #include <gtk/gtk.h>
 
 #include <libxfcegui4/libxfcegui4.h>
@@ -86,366 +58,6 @@
 #include "mailwatch-common.h"
 #include "mailwatch.h"
 
-#ifdef HAVE_SSL_SUPPORT
-
-#include <gcrypt.h>
-#include <gnutls/gnutls.h>
-
-/* missing from 1.2.0? */
-#ifndef _GCRY_PTH_SOCKADDR
-#define _GCRY_PTH_SOCKADDR  struct sockaddr
-#endif
-#ifndef _GCRY_PTH_SOCKLEN_T
-#define _GCRY_PTH_SOCKLEN_T socklen_t
-#endif
-
-#define GNUTLS_CA_FILE           "ca.pem"
-    
-/* stuff to support 'gthreads' with gcrypt */
-static int my_g_mutex_init(void **priv);
-static int my_g_mutex_destroy(void **priv);
-static int my_g_mutex_lock(void **priv);
-static int my_g_mutex_unlock(void **priv);
-static struct gcry_thread_cbs gcry_threads_gthread = {
-    GCRY_THREAD_OPTION_USER,
-    NULL,
-    my_g_mutex_init,
-    my_g_mutex_destroy,
-    my_g_mutex_lock,
-    my_g_mutex_unlock,
-    read,
-    write,
-    (ssize_t (*)(int, fd_set *, fd_set *, fd_set *, struct timeval *))select,
-    (ssize_t (*)(pid_t, int *, int))waitpid,
-    accept,
-    (int (*)(int, _GCRY_PTH_SOCKADDR *, _GCRY_PTH_SOCKLEN_T))connect,
-    (int (*)(int, const struct msghdr *, int))sendmsg,
-    (int (*)(int, struct msghdr *, int))recvmsg
-};
-
-/*
- * gthread -> gcrypt support wrappers
- */
-static int
-my_g_mutex_init(void **priv)
-{
-    GMutex **gmx = (GMutex **)priv;
-    
-    *gmx = g_mutex_new();
-    if(!*gmx)
-        return -1;
-    return 0;
-}
-
-static int
-my_g_mutex_destroy(void **priv)
-{
-    GMutex **gmx = (GMutex **)priv;
-    
-    g_mutex_free(*gmx);
-    return 0;
-}
-
-static int
-my_g_mutex_lock(void **priv)
-{
-    GMutex **gmx = (GMutex **)priv;
-    
-    g_mutex_lock(*gmx);
-    return 0;
-}
-
-static int
-my_g_mutex_unlock(void **priv)
-{
-    GMutex **gmx = (GMutex **)priv;
-    
-    g_mutex_unlock(*gmx);
-    return 0;
-}
-
-/***/
-
-#endif  /* defined(HAVE_SSL_SUPPORT) */
-
-gboolean
-xfce_mailwatch_net_get_addrinfo(const gchar *host,
-                                const gchar *service,
-                                struct addrinfo **results,
-                                GError **error)
-{
-    struct addrinfo hints;
-    gint ret;
-    
-    g_return_val_if_fail(results && !*results, FALSE);  /* FIXME: set |error| */
-    
-    memset(&hints, 0, sizeof(hints));
-#ifdef ENABLE_IPV6_SUPPORT
-    hints.ai_family = AF_UNSPEC;
-#else
-    hints.ai_family = AF_INET;
-#endif
-    hints.ai_socktype = SOCK_STREAM;
-    hints.ai_flags = AI_ADDRCONFIG;
-    
-    /* according to getaddrinfo(3), this should be reentrant.  however, calling
-     * it from several threads often causes a crash.  bactraces show that we're
-     * indeed inside getaddrinfo() in more than one thread, and I can't figure
-     * out any other explanation. */
-    
-    xfce_mailwatch_threads_enter();
-    ret = getaddrinfo(host, service, &hints, results);
-    xfce_mailwatch_threads_leave();
-    if(ret) {
-        if(error) {
-            g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                        "getaddrinfo(): %s", gai_strerror(ret));
-        }
-        return FALSE;
-    }
-    
-    return TRUE;
-}
-
-gboolean
-xfce_mailwatch_net_negotiate_tls(gint sockfd,
-                                 XfceMailwatchSecurityInfo *security_info,
-                                 const gchar *host,
-                                 GError **error)
-{
-#ifdef HAVE_SSL_SUPPORT
-    gint gt_ret;
-    const int cert_type_prio[2] = { GNUTLS_CRT_X509, 0 };
-    
-    TRACE("entering");
-    
-    /* init */
-    gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_gthread);
-    gnutls_global_init();
-    security_info->gnutls_inited = TRUE;
-    
-    /* init the x509 cert */
-    gnutls_certificate_allocate_credentials(&security_info->gt_creds);
-    gnutls_certificate_set_x509_trust_file(security_info->gt_creds,
-            GNUTLS_CA_FILE, GNUTLS_X509_FMT_PEM);
-    
-    /* init the session and set it up */
-    gnutls_init(&security_info->gt_session, GNUTLS_CLIENT);
-    gnutls_set_default_priority(security_info->gt_session);
-    gnutls_certificate_type_set_priority(security_info->gt_session,
-            cert_type_prio);
-    gnutls_credentials_set(security_info->gt_session, GNUTLS_CRD_CERTIFICATE,
-            security_info->gt_creds);
-    gnutls_transport_set_ptr(security_info->gt_session,
-            (gnutls_transport_ptr_t)(glong)sockfd);
-    
-    /* just do it */
-    do {
-        gt_ret = gnutls_handshake(security_info->gt_session);
-    } while(gt_ret == GNUTLS_E_AGAIN || gt_ret == GNUTLS_E_INTERRUPTED);
-    if(gt_ret < 0) {
-        if(error) {
-            g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                        gnutls_strerror(gt_ret));
-        }
-        g_critical(_("XfceMailwatch: TLS handshake failed: %s"), gnutls_strerror(gt_ret));
-        return FALSE;
-    } else {
-        DBG("TLS handshake succeeded");
-    }
-    
-    return TRUE;
-#else
-    if(error) {
-        g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                    _("Not compiled with SSL/TLS support"));
-    }
-    g_critical(_("XfceMailwatch: TLS handshake failed: not compiled with SSL support."));
-    
-    return FALSE;
-#endif
-}
-
-
-gssize
-xfce_mailwatch_net_send(gint sockfd,
-                        XfceMailwatchSecurityInfo *security_info,
-                        const gchar *buf,
-                        GError **error)
-{
-    gint bout = 0;
-    
-#ifdef HAVE_SSL_SUPPORT
-    if(security_info->using_tls) {
-        gint ret = 0, totallen = strlen(buf);
-        gint bytesleft = totallen;
-        
-        if(!security_info->gnutls_inited) {
-            if(error) {
-                g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                            _("A secure connection was requested, but gnutls was not initialised"));
-            }
-            g_critical("XfceMailwatch: using_tls is TRUE, but gnutls was not inited");
-            return -1;
-        }
-        
-        while(bytesleft > 0) {
-            do {
-                ret = gnutls_record_send(security_info->gt_session,
-                    buf+totallen-bytesleft, bytesleft);
-            } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
-            
-            if(ret == GNUTLS_E_REHANDSHAKE) {
-                /* server has requested a new handshake */
-                do {
-                    ret = gnutls_handshake(security_info->gt_session);
-                } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-                
-                if(ret < 0) {
-                    if(error) {
-                        g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                                    "gnutls_handshake() [%d]: %s", ret,
-                                    gnutls_strerror(ret));
-                    }
-                    return -1;
-                }
-            } else if(ret < 0) {
-                if(error) {
-                    g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                                "gnutls_record_send() [%d]: %s", ret,
-                                gnutls_strerror(ret));
-                }
-                DBG("gnutls_record_send() failed (%d): %s", ret,
-                    gnutls_strerror(ret));
-                return -1;
-            } else if(ret > 0) {
-                bout += ret;
-                bytesleft -= ret;
-            }
-        }
-    } else {
-#endif
-        do {
-            bout = send(sockfd, buf, strlen(buf), MSG_NOSIGNAL);
-        } while(bout < 0 && (errno == EAGAIN || errno == EINTR));
-        
-        if(bout < 0 && error) {
-            g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                        "send(): %s", strerror(errno));
-        }
-#ifdef HAVE_SSL_SUPPORT
-    }
-#endif
-    
-    return bout;
-}
-
-gssize
-xfce_mailwatch_net_recv(gint sockfd,
-                        XfceMailwatchSecurityInfo *security_info,
-                        gchar *buf,
-                        gsize len,
-                        GError **error)
-{
-    fd_set rfd;
-    struct timeval tv;
-    gint ret, bin = 0;
-    
-#ifdef HAVE_SSL_SUPPORT
-    if(security_info->using_tls) {
-        if(!security_info->gnutls_inited) {
-            if(error) {
-                g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                            _("A secure connection was requested, but gnutls was not initialised"));
-            }
-            g_critical("XfceMailwatch: using_tls is TRUE, but gnutls was not inited");
-            return -1;
-        }
-        
-retry_recv:
-        do {
-            ret = gnutls_record_recv(security_info->gt_session, buf, len);
-        } while(ret == GNUTLS_E_INTERRUPTED || ret == GNUTLS_E_AGAIN);
-        
-        if(ret == GNUTLS_E_REHANDSHAKE) {
-            /* server has requested a new handshake */
-            do {
-                ret = gnutls_handshake(security_info->gt_session);
-            } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-            
-            if(ret < 0) {
-                if(error) {
-                    g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                                "gnutls_handshake() [%d]: %s", ret,
-                                gnutls_strerror(ret));
-                }
-                return -1;
-            }
-            
-            goto retry_recv;
-        } else if(ret < 0) {
-            if(error) {
-                g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                            "gnutls_record_recv() [%d]: %s", ret,
-                            gnutls_strerror(ret));
-            }
-            return -1;
-        } else
-            bin = ret;
-    } else {
-#endif
-        FD_ZERO(&rfd);
-        FD_SET(sockfd, &rfd);
-        tv.tv_sec = 30;
-        tv.tv_usec = 0;
-        
-        do {
-            ret = select(FD_SETSIZE, &rfd, NULL, NULL, &tv);
-        } while(ret < 0 && (errno == EAGAIN || errno == EINTR));
-        
-        if(ret < 0) {
-            if(error) {
-                g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                            "select(): %s", strerror(errno));
-            }
-            return -1;
-        }
-        
-        if(FD_ISSET(sockfd, &rfd)) {
-            do {
-                bin = recv(sockfd, buf, len, MSG_NOSIGNAL);
-            } while(bin < 0 && (errno == EAGAIN || errno == EINTR));
-            
-            if(bin < 0 && error) {
-                g_set_error(error, XFCE_MAILWATCH_ERROR, 0,
-                            "recv(): %s", strerror(errno));
-            }
-        }
-#ifdef HAVE_SSL_SUPPORT
-    }
-#endif
-    
-    if(bin >= 0)
-        buf[bin] = 0;
-    
-    return bin;
-}
-
-void
-xfce_mailwatch_net_tls_teardown(XfceMailwatchSecurityInfo *security_info)
-{
-#ifdef HAVE_SSL_SUPPORT
-    if(security_info->gnutls_inited) {
-        gnutls_bye(security_info->gt_session, GNUTLS_SHUT_RDWR);
-        gnutls_deinit(security_info->gt_session);
-        gnutls_certificate_free_credentials(security_info->gt_creds);
-        gnutls_global_deinit();
-        security_info->gnutls_inited = FALSE;
-    }
-#endif
-}
-
-
 GtkWidget *
 xfce_mailwatch_custom_button_new(const gchar *text, const gchar *icon)
 {
@@ -504,7 +116,6 @@
 }
 
 #ifdef HAVE_SSL_SUPPORT
-
 /* assumes |dest| is allocated 2x |src_len| */
 static void
 bin2hex(gchar *dest,
@@ -522,12 +133,14 @@
         src++;
     }
 }
+#endif
 
 gchar *
 xfce_mailwatch_cram_md5(const gchar *username,
                         const gchar *password,
                         const gchar *challenge_base64)
 {
+#ifdef HAVE_SSL_SUPPORT
     gchar challenge[2048];
     gsize len, username_len;
     gcry_md_hd_t hmac_md5;
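Review bot: Moving `#ifdef HAVE_SSL_SUPPORT` inside xfce_mailwatch_cram_md5() means the function now exists in every build, but nothing in the hunk documents that it returns NULL when SSL support is compiled out. A comment above the definition would state the contract, for example `/* Returns the base64 CRAM-MD5 response, or NULL if it cannot be computed (including builds without HAVE_SSL_SUPPORT); callers must treat NULL as an authentication failure. */`. The callers are not visible here, so it is worth confirming that each one checks for NULL instead of sending an empty response or quietly continuing with a weaker mechanism. The function body continues past the end of this hunk.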
@@ -571,11 +184,13 @@
     g_free(response);
 
     return response_base64;
+#else
+    g_warning("CRAM-MD5 computation unavailable: libmailwatch was not compiled with gnutls support.");
+    return NULL
+#endif
 }
 
-#endif
 
-
 /*
  * The following Base64 code is provided under the following license:
  *
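Review bot: The added `#else` branch does not compile, because `return NULL` has no terminating semicolon; any build without HAVE_SSL_SUPPORT will fail at the closing brace, and the line should read `return NULL;`. The warning text names gnutls, while the first hunk of this file guards only `<gcrypt.h>` and the function's visible locals use `gcry_md_hd_t`, so "gcrypt" or "SSL/TLS support" would be more accurate wording. In that branch `username`, `password` and `challenge_base64` are unused, which may produce unused-parameter warnings depending on the build flags. The function body starts outside this hunk.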

Modified: xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.h
===================================================================
--- xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.h	2008-08-16 08:48:10 UTC (rev 5235)
+++ xfce4-mailwatch-plugin/trunk/libmailwatch-core/mailwatch-utils.h	2008-08-16 08:48:21 UTC (rev 5236)
@@ -19,32 +19,8 @@
 #ifndef __MAILWATCH_UTILS_H__
 #define __MAILWATCH_UTILS_H__
 
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-
-#ifdef HAVE_NETDB_H
-#include <netdb.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-
 #include <gtk/gtk.h>
 
-#ifdef HAVE_SSL_SUPPORT
-#include <gnutls/gnutls.h>
-#endif
-
 G_BEGIN_DECLS
 
 typedef enum
@@ -54,35 +30,6 @@
     AUTH_STARTTLS
 } XfceMailwatchAuthType;
 
-typedef struct
-{
-    gboolean using_tls;
-    gboolean gnutls_inited;
-#ifdef HAVE_SSL_SUPPORT
-    gnutls_session_t gt_session;
-    gnutls_certificate_credentials_t gt_creds;
-#endif
-} XfceMailwatchSecurityInfo;
-
-gboolean xfce_mailwatch_net_get_addrinfo(const gchar *host,
-                                         const gchar *service,
-                                         struct addrinfo **results,
-                                         GError **error);
-gboolean xfce_mailwatch_net_negotiate_tls(gint sockfd,
-                                          XfceMailwatchSecurityInfo *security_info,
-                                          const gchar *host,
-                                          GError **error);
-gssize xfce_mailwatch_net_send(gint sockfd,
-                               XfceMailwatchSecurityInfo *security_info,
-                               const gchar *buf,
-                               GError **error);
-gssize xfce_mailwatch_net_recv(gint sockfd,
-                               XfceMailwatchSecurityInfo *security_info,
-                               gchar *buf,
-                               gsize len,
-                               GError **error);
-void xfce_mailwatch_net_tls_teardown(XfceMailwatchSecurityInfo *security_info);
-
 GtkWidget *xfce_mailwatch_custom_button_new(const gchar *text,
                                             const gchar *icon);
 GtkWidget *xfce_mailwatch_create_framebox(const gchar *title,
@@ -98,6 +45,7 @@
 gint xfce_mailwatch_base64_decode(const gchar *str,
                                   guint8 *data,
                                   gsize size);
+
 G_END_DECLS
 
 #endif



