libpurple/sslconn.c

   1 /**
   2  * @file sslconn.c SSL API
   3  * @ingroup core
   4  */
   5
   6 /* purple
   7  *
   8  * Purple is the legal property of its developers, whose names are too numerous
   9  * to list here.  Please refer to the COPYRIGHT file distributed with this
  10  * source distribution.
  11  *
  12  * This program is free software; you can redistribute it and/or modify
  13  * it under the terms of the GNU General Public License as published by
  14  * the Free Software Foundation; either version 2 of the License, or
  15  * (at your option) any later version.
  16  *
  17  * This program is distributed in the hope that it will be useful,
  18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  20  * GNU General Public License for more details.
  21  *
  22  * You should have received a copy of the GNU General Public License
  23  * along with this program; if not, write to the Free Software
  24  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02111-1301  USA
  25  */
  26 #define _PURPLE_SSLCONN_C_
  27
  28 #include "internal.h"
  29
  30 #include "certificate.h"
  31 #include "debug.h"
  32 #include "request.h"
  33 #include "sslconn.h"
  34
  35 static gboolean _ssl_initialized = FALSE;
  36 static PurpleSslOps *_ssl_ops = NULL;
  37
  38 static gboolean
  39 ssl_init(void)
  40 {
  41         PurplePlugin *plugin;
  42         PurpleSslOps *ops;
  43
  44         if (_ssl_initialized)
  45                 return FALSE;
  46
  47         plugin = purple_plugins_find_with_id("core-ssl");
  48
  49         if (plugin != NULL && !purple_plugin_is_loaded(plugin))
  50                 purple_plugin_load(plugin);
  51
  52         ops = purple_ssl_get_ops();
  53         if ((ops == NULL) || (ops->init == NULL) || (ops->uninit == NULL) ||
  54                 (ops->connectfunc == NULL) || (ops->close == NULL) ||
  55                 (ops->read == NULL) || (ops->write == NULL))
  56         {
  57                 return FALSE;
  58         }
  59
  60         return (_ssl_initialized = ops->init());
  61 }
  62
  63 gboolean
  64 purple_ssl_is_supported(void)
  65 {
  66 #ifdef HAVE_SSL
  67         ssl_init();
  68         return (purple_ssl_get_ops() != NULL);
  69 #else
  70         return FALSE;
  71 #endif
  72 }
  73
  74 static void
  75 purple_ssl_connect_cb(gpointer data, gint source, const gchar *error_message)
  76 {
  77         PurpleSslConnection *gsc;
  78         PurpleSslOps *ops;
  79
  80         gsc = data;
  81         gsc->connect_data = NULL;
  82
  83         if (source < 0)
  84         {
  85                 if (gsc->error_cb != NULL)
  86                         gsc->error_cb(gsc, PURPLE_SSL_CONNECT_FAILED, gsc->connect_cb_data);
  87
  88                 purple_ssl_close(gsc);
  89                 return;
  90         }
  91
  92         gsc->fd = source;
  93
  94         ops = purple_ssl_get_ops();
  95         ops->connectfunc(gsc);
  96 }
  97
  98 PurpleSslConnection *
  99 purple_ssl_connect(PurpleAccount *account, const char *host, int port,
 100                                  PurpleSslInputFunction func, PurpleSslErrorFunction error_func,
 101                                  void *data)
 102 {
 103         return purple_ssl_connect_with_ssl_cn(account, host, port, func, error_func,
 104                                           NULL, data);
 105 }
 106
 107 PurpleSslConnection *
 108 purple_ssl_connect_with_ssl_cn(PurpleAccount *account, const char *host, int port,
 109                                  PurpleSslInputFunction func, PurpleSslErrorFunction error_func,
 110                                  const char *ssl_cn, void *data)
 111 {
 112         PurpleSslConnection *gsc;
 113
 114         g_return_val_if_fail(host != NULL,            NULL);
 115         g_return_val_if_fail(port != 0 && port != -1, NULL);
 116         g_return_val_if_fail(func != NULL,            NULL);
 117         g_return_val_if_fail(purple_ssl_is_supported(), NULL);
 118
 119         if (!_ssl_initialized)
 120         {
 121                 if (!ssl_init())
 122                         return NULL;
 123         }
 124
 125         gsc = g_new0(PurpleSslConnection, 1);
 126
 127         gsc->fd              = -1;
 128         gsc->host            = ssl_cn ? g_strdup(ssl_cn) : g_strdup(host);
 129         gsc->port            = port;
 130         gsc->connect_cb_data = data;
 131         gsc->connect_cb      = func;
 132         gsc->error_cb        = error_func;
 133
 134         /* TODO: Move this elsewhere */
 135         gsc->verifier = purple_certificate_find_verifier("x509","tls_cached");
 136
 137         gsc->connect_data = purple_proxy_connect(NULL, account, host, port, purple_ssl_connect_cb, gsc);
 138
 139         if (gsc->connect_data == NULL)
 140         {
 141                 g_free(gsc->host);
 142                 g_free(gsc);
 143
 144                 return NULL;
 145         }
 146
 147         return (PurpleSslConnection *)gsc;
 148 }
 149
 150 static void
 151 recv_cb(gpointer data, gint source, PurpleInputCondition cond)
 152 {
 153         PurpleSslConnection *gsc = data;
 154
 155         gsc->recv_cb(gsc->recv_cb_data, gsc, cond);
 156 }
 157
 158 void
 159 purple_ssl_input_add(PurpleSslConnection *gsc, PurpleSslInputFunction func,
 160                                    void *data)
 161 {
 162         g_return_if_fail(func != NULL);
 163         g_return_if_fail(purple_ssl_is_supported());
 164
 165         gsc->recv_cb_data = data;
 166         gsc->recv_cb      = func;
 167
 168         gsc->inpa = purple_input_add(gsc->fd, PURPLE_INPUT_READ, recv_cb, gsc);
 169 }
 170
 171 const gchar *
 172 purple_ssl_strerror(PurpleSslErrorType error)
 173 {
 174         switch(error) {
 175                 case PURPLE_SSL_CONNECT_FAILED:
 176                         return _("SSL Connection Failed");
 177                 case PURPLE_SSL_HANDSHAKE_FAILED:
 178                         return _("SSL Handshake Failed");
 179                 case PURPLE_SSL_CERTIFICATE_INVALID:
 180                         return _("SSL peer presented an invalid certificate");
 181                 default:
 182                         purple_debug_warning("sslconn", "Unknown SSL error code %d\n", error);
 183                         return _("Unknown SSL error");
 184         }
 185 }
 186
 187 PurpleSslConnection *
 188 purple_ssl_connect_fd(PurpleAccount *account, int fd,
 189                                         PurpleSslInputFunction func,
 190                                         PurpleSslErrorFunction error_func,
 191                     void *data)
 192 {
 193     return purple_ssl_connect_with_host_fd(account, fd, func, error_func, NULL, data);
 194 }
 195
 196 PurpleSslConnection *
 197 purple_ssl_connect_with_host_fd(PurpleAccount *account, int fd,
 198                       PurpleSslInputFunction func,
 199                       PurpleSslErrorFunction error_func,
 200                       const char *host,
 201                       void *data)
 202 {
 203         PurpleSslConnection *gsc;
 204         PurpleSslOps *ops;
 205
 206         g_return_val_if_fail(fd != -1,                NULL);
 207         g_return_val_if_fail(func != NULL,            NULL);
 208         g_return_val_if_fail(purple_ssl_is_supported(), NULL);
 209
 210         if (!_ssl_initialized)
 211         {
 212                 if (!ssl_init())
 213                         return NULL;
 214         }
 215
 216         gsc = g_new0(PurpleSslConnection, 1);
 217
 218         gsc->connect_cb_data = data;
 219         gsc->connect_cb      = func;
 220         gsc->error_cb        = error_func;
 221         gsc->fd              = fd;
 222     if(host)
 223         gsc->host            = g_strdup(host);
 224
 225         /* TODO: Move this elsewhere */
 226         gsc->verifier = purple_certificate_find_verifier("x509","tls_cached");
 227
 228
 229         ops = purple_ssl_get_ops();
 230         ops->connectfunc(gsc);
 231
 232         return (PurpleSslConnection *)gsc;
 233 }
 234
 235 void
 236 purple_ssl_close(PurpleSslConnection *gsc)
 237 {
 238         PurpleSslOps *ops;
 239
 240         g_return_if_fail(gsc != NULL);
 241
 242         purple_request_close_with_handle(gsc);
 243         purple_notify_close_with_handle(gsc);
 244
 245         ops = purple_ssl_get_ops();
 246         (ops->close)(gsc);
 247
 248         if (gsc->connect_data != NULL)
 249                 purple_proxy_connect_cancel(gsc->connect_data);
 250
 251         if (gsc->inpa > 0)
 252                 purple_input_remove(gsc->inpa);
 253
 254         if (gsc->fd >= 0)
 255                 close(gsc->fd);
 256
 257         g_free(gsc->host);
 258         g_free(gsc);
 259 }
 260
 261 size_t
 262 purple_ssl_read(PurpleSslConnection *gsc, void *data, size_t len)
 263 {
 264         PurpleSslOps *ops;
 265
 266         g_return_val_if_fail(gsc  != NULL, 0);
 267         g_return_val_if_fail(data != NULL, 0);
 268         g_return_val_if_fail(len  >  0,    0);
 269
 270         ops = purple_ssl_get_ops();
 271         return (ops->read)(gsc, data, len);
 272 }
 273
 274 size_t
 275 purple_ssl_write(PurpleSslConnection *gsc, const void *data, size_t len)
 276 {
 277         PurpleSslOps *ops;
 278
 279         g_return_val_if_fail(gsc  != NULL, 0);
 280         g_return_val_if_fail(data != NULL, 0);
 281         g_return_val_if_fail(len  >  0,    0);
 282
 283         ops = purple_ssl_get_ops();
 284         return (ops->write)(gsc, data, len);
 285 }
 286
 287 GList *
 288 purple_ssl_get_peer_certificates(PurpleSslConnection *gsc)
 289 {
 290         PurpleSslOps *ops;
 291
 292         g_return_val_if_fail(gsc != NULL, NULL);
 293
 294         ops = purple_ssl_get_ops();
 295         return (ops->get_peer_certificates)(gsc);
 296 }
 297
 298 void
 299 purple_ssl_set_ops(PurpleSslOps *ops)
 300 {
 301         _ssl_ops = ops;
 302 }
 303
 304 PurpleSslOps *
 305 purple_ssl_get_ops(void)
 306 {
 307         return _ssl_ops;
 308 }
 309
 310 void
 311 purple_ssl_init(void)
 312 {
 313         /* Although purple_ssl_is_supported will do the initialization on
 314            command, SSL plugins tend to register CertificateSchemes as well
 315            as providing SSL ops. */
 316         if (!ssl_init()) {
 317                 purple_debug_error("sslconn", "Unable to initialize SSL.\n");
 318         }
 319 }
 320
 321 void
 322 purple_ssl_uninit(void)
 323 {
 324         PurpleSslOps *ops;
 325
 326         if (!_ssl_initialized)
 327                 return;
 328
 329         ops = purple_ssl_get_ops();
 330         ops->uninit();
 331
 332         _ssl_initialized = FALSE;
 333 }