SSL/TLS certificate enhancements.

git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@37103 72102866-910b-0410-8b05-ffd578937521
2025-05-30 00:11:26 +00:00 · 2013-09-18 12:49:07 +00:00 · 2013-09-18 12:49:07 +00:00 · 2e99b562d8
commit 2e99b562d8
parent 67ca781fb0
5 changed files with 119 additions and 5 deletions
--- a/Source/GSTLS.m
+++ b/Source/GSTLS.m
@ -152,6 +152,9 @@ static gnutls_anon_client_credentials_t anoncred;
 */
@implementation GSTLSObject

+static NSLock                   *fileLock = nil;
+static NSMutableDictionary      *fileMap = nil;
+
 + (void) _defaultsChanged: (NSNotification*)n
 {
  NSString      *str;
@ -214,6 +217,25 @@ static gnutls_anon_client_credentials_t anoncred;
  gnutls_global_set_log_level(globalDebug);
 }

+ (NSData*) dataForTLSFile: (NSString*)fileName
+{
+  NSData        *result;
+
+  if (NO == [fileName isKindOfClass: [NSString class]])
+    {
+      [NSException raise: NSInvalidArgumentException
+                  format: @"[GSTLS+dataForTLSFile:] called with bad file name"];
+    }
+  [fileLock lock];
+  result = [[fileMap objectForKey: fileName] retain];
+  [fileLock unlock];
+  if (nil == result)
+    {
+      return [NSData dataWithContentsOfFile: fileName];
+    }
+  return [result autorelease];
+}
+
 + (void) initialize
 {
  if ([GSTLSObject class] == self)
@ -230,6 +252,9 @@ static gnutls_anon_client_credentials_t anoncred;

          bundle = [NSBundle bundleForClass: [NSObject class]];

+          fileLock = [NSLock new];
+          fileMap = [NSMutableDictionary new];
+
          /* Let the GS_TLS_CA_FILE environment variable override the
           * default certificate authority location.
           */
@ -309,6 +334,23 @@ static gnutls_anon_client_credentials_t anoncred;
    }
 }

+ (void) setData: (NSData*)data forTLSFile: (NSString*)fileName
+{
+  if (nil != data && NO == [data isKindOfClass: [NSData class]])
+    {
+      [NSException raise: NSInvalidArgumentException
+                  format: @"[GSTLS+setData:forTLSFile:] called with bad data"];
+    }
+  if (NO == [fileName isKindOfClass: [NSString class]])
+    {
+      [NSException raise: NSInvalidArgumentException
+                  format: @"[GSTLS+setData:forTLSFile:] called with bad file"];
+    }
+  [fileLock lock];
+  [fileMap setObject: data forKey: fileName];
+  [fileLock unlock];
+}
+
@end

@implementation GSTLSDHParams
@ -440,7 +482,7 @@ static GSTLSDHParams            *paramsCurrent = nil;
      int                       ret;
      gnutls_datum_t            datum;

-      data = [NSData dataWithContentsOfFile: f];
+      data = [[self class] dataForTLSFile: f];
      if (nil == data)
        {
          NSLog(@"Unable to read DF params file '%@'", f);
@ -629,7 +671,7 @@ static NSMutableDictionary      *certificateListCache = nil;
      unsigned int              count = 100;
      gnutls_x509_crt_t         crts[count];

-      data = [NSData dataWithContentsOfFile: f];
+      data = [[self class] dataForTLSFile: f];
      if (nil == data)
        {
          NSLog(@"Unable to read certificate file '%@'", f);
@ -832,7 +874,7 @@ static NSMutableDictionary      *privateKeyCache1 = nil;
      int                       ret;
      gnutls_datum_t            datum;

-      data = [NSData dataWithContentsOfFile: f];
+      data = [[self class] dataForTLSFile: f];
      if (nil == data)
        {
          NSLog(@"Unable to read private key file '%@'", f);