| blob | 85e2e5afcf29c898e6c766e7295f579033625927 |
1 /* GIO - GLib Input, Output and Streaming Library
2 *
3 * Copyright (C) 2011 Collabora, Ltd.
4 *
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
9 *
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
14 *
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, see <http://www.gnu.org/licenses/>.
17 *
18 * Author: Stef Walter <stefw@collabora.co.uk>
19 */
23 #include <string.h>
36 /**
37 * SECTION:gtlsinteraction
38 * @short_description: Interaction with the user during TLS operations.
39 * @include: gio/gio.h
40 *
41 * #GTlsInteraction provides a mechanism for the TLS connection and database
42 * code to interact with the user. It can be used to ask the user for passwords.
43 *
44 * To use a #GTlsInteraction with a TLS connection use
45 * g_tls_connection_set_interaction().
46 *
47 * Callers should instantiate a derived class that implements the various
48 * interaction methods to show the required dialogs.
49 *
50 * Callers should use the 'invoke' functions like
51 * g_tls_interaction_invoke_ask_password() to run interaction methods. These
52 * functions make sure that the interaction is invoked in the main loop
53 * and not in the current thread, if the current thread is not running the
54 * main loop.
55 *
56 * Derived classes can choose to implement whichever interactions methods they'd
57 * like to support by overriding those virtual methods in their class
58 * initialization function. Any interactions not implemented will return
59 * %G_TLS_INTERACTION_UNHANDLED. If a derived class implements an async method,
60 * it must also implement the corresponding finish method.
61 */
63 /**
64 * GTlsInteraction:
65 *
66 * An object representing interaction that the TLS connection and database
67 * might have with the user.
68 *
69 * Since: 2.30
70 */
72 /**
73 * GTlsInteractionClass:
74 * @ask_password: ask for a password synchronously. If the implementation
75 * returns %G_TLS_INTERACTION_HANDLED, then the password argument should
76 * have been filled in by using g_tls_password_set_value() or a similar
77 * function.
78 * @ask_password_async: ask for a password asynchronously.
79 * @ask_password_finish: complete operation to ask for a password asynchronously.
80 * If the implementation returns %G_TLS_INTERACTION_HANDLED, then the
81 * password argument of the async method should have been filled in by using
82 * g_tls_password_set_value() or a similar function.
83 * @request_certificate: ask for a certificate synchronously. If the
84 * implementation returns %G_TLS_INTERACTION_HANDLED, then the connection
85 * argument should have been filled in by using
86 * g_tls_connection_set_certificate().
87 * @request_certificate_async: ask for a certificate asynchronously.
88 * @request_certificate_finish: complete operation to ask for a certificate
89 * asynchronously. If the implementation returns %G_TLS_INTERACTION_HANDLED,
90 * then the connection argument of the async method should have been
91 * filled in by using g_tls_connection_set_certificate().
92 *
93 * The class for #GTlsInteraction. Derived classes implement the various
94 * virtual interaction methods to handle TLS interactions.
95 *
96 * Derived classes can choose to implement whichever interactions methods they'd
97 * like to support by overriding those virtual methods in their class
98 * initialization function. If a derived class implements an async method,
99 * it must also implement the corresponding finish method.
100 *
101 * The synchronous interaction methods should implement to display modal dialogs,
102 * and the asynchronous methods to display modeless dialogs.
103 *
104 * If the user cancels an interaction, then the result should be
105 * %G_TLS_INTERACTION_FAILED and the error should be set with a domain of
106 * %G_IO_ERROR and code of %G_IO_ERROR_CANCELLED.
107 *
108 * Since: 2.30
109 */
113 };
118 GMutex mutex;
120 /* Input arguments */
125 /* Used when we're invoking async interactions */
126 GAsyncReadyCallback callback;
127 gpointer user_data;
129 /* Used when we expect results */
130 GTlsInteractionResult result;
132 gboolean complete;
133 GCond cond;
136 static void
138 {
148 /* Insurance that we've actually used these before freeing */
153 }
159 {
168 }
170 static GTlsInteractionResult
173 {
174 GTlsInteractionResult result;
184 {
187 }
192 }
194 static GTlsInteractionResult
198 {
199 GTlsInteractionResult result;
200 gboolean complete;
202 /*
203 * Handle the case where we've been called from within the main context
204 * or in the case where the main context is not running. This approximates
205 * the behavior of a modal dialog.
206 */
208 {
210 {
217 }
222 {
225 }
229 }
231 /*
232 * Handle the case where we're in a different thread than the main
233 * context and a main loop is running.
234 */
235 else
236 {
238 }
241 }
243 static void
245 {
248 }
250 static void
252 {
258 }
260 static void
262 {
266 }
268 static gboolean
270 {
289 }
291 static void
294 gpointer user_data)
295 {
305 result,
311 }
313 static gboolean
315 {
327 on_ask_password_complete,
328 closure);
330 /* Note that we've used these */
337 }
339 /**
340 * g_tls_interaction_invoke_ask_password:
341 * @interaction: a #GTlsInteraction object
342 * @password: a #GTlsPassword object
343 * @cancellable: an optional #GCancellable cancellation object
344 * @error: an optional location to place an error on failure
345 *
346 * Invoke the interaction to ask the user for a password. It invokes this
347 * interaction in the main loop, specifically the #GMainContext returned by
348 * g_main_context_get_thread_default() when the interaction is created. This
349 * is called by called by #GTlsConnection or #GTlsDatabase to ask the user
350 * for a password.
351 *
352 * Derived subclasses usually implement a password prompt, although they may
353 * also choose to provide a password from elsewhere. The @password value will
354 * be filled in and then @callback will be called. Alternatively the user may
355 * abort this password request, which will usually abort the TLS connection.
356 *
357 * The implementation can either be a synchronous (eg: modal dialog) or an
358 * asynchronous one (eg: modeless dialog). This function will take care of
359 * calling which ever one correctly.
360 *
361 * If the interaction is cancelled by the cancellation object, or by the
362 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
363 * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may
364 * not support immediate cancellation.
365 *
366 * Returns: The status of the ask password interaction.
367 *
368 * Since: 2.30
369 */
370 GTlsInteractionResult
375 {
376 GTlsInteractionResult result;
382 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED);
387 {
392 }
394 {
402 }
403 else
404 {
406 }
409 }
411 /**
412 * g_tls_interaction_ask_password:
413 * @interaction: a #GTlsInteraction object
414 * @password: a #GTlsPassword object
415 * @cancellable: an optional #GCancellable cancellation object
416 * @error: an optional location to place an error on failure
417 *
418 * Run synchronous interaction to ask the user for a password. In general,
419 * g_tls_interaction_invoke_ask_password() should be used instead of this
420 * function.
421 *
422 * Derived subclasses usually implement a password prompt, although they may
423 * also choose to provide a password from elsewhere. The @password value will
424 * be filled in and then @callback will be called. Alternatively the user may
425 * abort this password request, which will usually abort the TLS connection.
426 *
427 * If the interaction is cancelled by the cancellation object, or by the
428 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
429 * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may
430 * not support immediate cancellation.
431 *
432 * Returns: The status of the ask password interaction.
433 *
434 * Since: 2.30
435 */
436 GTlsInteractionResult
441 {
446 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED);
451 else
453 }
455 /**
456 * g_tls_interaction_ask_password_async:
457 * @interaction: a #GTlsInteraction object
458 * @password: a #GTlsPassword object
459 * @cancellable: an optional #GCancellable cancellation object
460 * @callback: (nullable): will be called when the interaction completes
461 * @user_data: (nullable): data to pass to the @callback
462 *
463 * Run asynchronous interaction to ask the user for a password. In general,
464 * g_tls_interaction_invoke_ask_password() should be used instead of this
465 * function.
466 *
467 * Derived subclasses usually implement a password prompt, although they may
468 * also choose to provide a password from elsewhere. The @password value will
469 * be filled in and then @callback will be called. Alternatively the user may
470 * abort this password request, which will usually abort the TLS connection.
471 *
472 * If the interaction is cancelled by the cancellation object, or by the
473 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
474 * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may
475 * not support immediate cancellation.
476 *
477 * Certain implementations may not support immediate cancellation.
478 *
479 * Since: 2.30
480 */
481 void
485 GAsyncReadyCallback callback,
486 gpointer user_data)
487 {
497 {
501 }
502 else
503 {
508 }
509 }
511 /**
512 * g_tls_interaction_ask_password_finish:
513 * @interaction: a #GTlsInteraction object
514 * @result: the result passed to the callback
515 * @error: an optional location to place an error on failure
516 *
517 * Complete an ask password user interaction request. This should be once
518 * the g_tls_interaction_ask_password_async() completion callback is called.
519 *
520 * If %G_TLS_INTERACTION_HANDLED is returned, then the #GTlsPassword passed
521 * to g_tls_interaction_ask_password() will have its password filled in.
522 *
523 * If the interaction is cancelled by the cancellation object, or by the
524 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
525 * contains a %G_IO_ERROR_CANCELLED error code.
526 *
527 * Returns: The status of the ask password interaction.
528 *
529 * Since: 2.30
530 */
531 GTlsInteractionResult
535 {
543 {
547 }
548 else
549 {
550 g_return_val_if_fail (g_async_result_is_tagged (result, g_tls_interaction_ask_password_async), G_TLS_INTERACTION_UNHANDLED);
553 }
554 }
556 static gboolean
558 {
578 }
580 static void
583 gpointer user_data)
584 {
599 }
601 static gboolean
603 {
615 on_request_certificate_complete,
616 closure);
618 /* Note that we've used these */
625 }
627 /**
628 * g_tls_interaction_invoke_request_certificate:
629 * @interaction: a #GTlsInteraction object
630 * @connection: a #GTlsConnection object
631 * @flags: flags providing more information about the request
632 * @cancellable: an optional #GCancellable cancellation object
633 * @error: an optional location to place an error on failure
634 *
635 * Invoke the interaction to ask the user to choose a certificate to
636 * use with the connection. It invokes this interaction in the main
637 * loop, specifically the #GMainContext returned by
638 * g_main_context_get_thread_default() when the interaction is
639 * created. This is called by called by #GTlsConnection when the peer
640 * requests a certificate during the handshake.
641 *
642 * Derived subclasses usually implement a certificate selector,
643 * although they may also choose to provide a certificate from
644 * elsewhere. Alternatively the user may abort this certificate
645 * request, which may or may not abort the TLS connection.
646 *
647 * The implementation can either be a synchronous (eg: modal dialog) or an
648 * asynchronous one (eg: modeless dialog). This function will take care of
649 * calling which ever one correctly.
650 *
651 * If the interaction is cancelled by the cancellation object, or by the
652 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
653 * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may
654 * not support immediate cancellation.
655 *
656 * Returns: The status of the certificate request interaction.
657 *
658 * Since: 2.40
659 */
660 GTlsInteractionResult
663 GTlsCertificateRequestFlags flags,
666 {
667 GTlsInteractionResult result;
673 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED);
678 {
683 }
685 {
693 }
694 else
695 {
697 }
700 }
702 /**
703 * g_tls_interaction_request_certificate:
704 * @interaction: a #GTlsInteraction object
705 * @connection: a #GTlsConnection object
706 * @flags: flags providing more information about the request
707 * @cancellable: an optional #GCancellable cancellation object
708 * @error: an optional location to place an error on failure
709 *
710 * Run synchronous interaction to ask the user to choose a certificate to use
711 * with the connection. In general, g_tls_interaction_invoke_request_certificate()
712 * should be used instead of this function.
713 *
714 * Derived subclasses usually implement a certificate selector, although they may
715 * also choose to provide a certificate from elsewhere. Alternatively the user may
716 * abort this certificate request, which will usually abort the TLS connection.
717 *
718 * If %G_TLS_INTERACTION_HANDLED is returned, then the #GTlsConnection
719 * passed to g_tls_interaction_request_certificate() will have had its
720 * #GTlsConnection:certificate filled in.
721 *
722 * If the interaction is cancelled by the cancellation object, or by the
723 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
724 * contains a %G_IO_ERROR_CANCELLED error code. Certain implementations may
725 * not support immediate cancellation.
726 *
727 * Returns: The status of the request certificate interaction.
728 *
729 * Since: 2.40
730 */
731 GTlsInteractionResult
734 GTlsCertificateRequestFlags flags,
737 {
742 g_return_val_if_fail (cancellable == NULL || G_IS_CANCELLABLE (cancellable), G_TLS_INTERACTION_UNHANDLED);
747 else
749 }
751 /**
752 * g_tls_interaction_request_certificate_async:
753 * @interaction: a #GTlsInteraction object
754 * @connection: a #GTlsConnection object
755 * @flags: flags providing more information about the request
756 * @cancellable: an optional #GCancellable cancellation object
757 * @callback: (nullable): will be called when the interaction completes
758 * @user_data: (nullable): data to pass to the @callback
759 *
760 * Run asynchronous interaction to ask the user for a certificate to use with
761 * the connection. In general, g_tls_interaction_invoke_request_certificate() should
762 * be used instead of this function.
763 *
764 * Derived subclasses usually implement a certificate selector, although they may
765 * also choose to provide a certificate from elsewhere. @callback will be called
766 * when the operation completes. Alternatively the user may abort this certificate
767 * request, which will usually abort the TLS connection.
768 *
769 * Since: 2.40
770 */
771 void
774 GTlsCertificateRequestFlags flags,
776 GAsyncReadyCallback callback,
777 gpointer user_data)
778 {
788 {
792 }
793 else
794 {
799 }
800 }
802 /**
803 * g_tls_interaction_request_certificate_finish:
804 * @interaction: a #GTlsInteraction object
805 * @result: the result passed to the callback
806 * @error: an optional location to place an error on failure
807 *
808 * Complete an request certificate user interaction request. This should be once
809 * the g_tls_interaction_request_certificate_async() completion callback is called.
810 *
811 * If %G_TLS_INTERACTION_HANDLED is returned, then the #GTlsConnection
812 * passed to g_tls_interaction_request_certificate_async() will have had its
813 * #GTlsConnection:certificate filled in.
814 *
815 * If the interaction is cancelled by the cancellation object, or by the
816 * user then %G_TLS_INTERACTION_FAILED will be returned with an error that
817 * contains a %G_IO_ERROR_CANCELLED error code.
818 *
819 * Returns: The status of the request certificate interaction.
820 *
821 * Since: 2.40
822 */
823 GTlsInteractionResult
827 {
835 {
839 }
840 else
841 {
842 g_return_val_if_fail (g_async_result_is_tagged (result, g_tls_interaction_request_certificate_async), G_TLS_INTERACTION_UNHANDLED);
845 }
846 }