gnustep/libs-base
0
0
Fork 0
mirror of https://github.com/gnustep/libs-base.git synced 2025-05-30 08:21:25 +00:00
Code Issues Projects Releases Packages Wiki Activity

Fixups for a few problems in gnutls support with https over

Browse source 
NSURLConnection/NSURLProtocol


git-svn-id: svn+ssh://svn.gna.org/svn/gnustep/libs/base/trunk@27092 72102866-910b-0410-8b05-ffd578937521
This commit is contained in:
Richard Frith-MacDonald 2008-11-19 10:07:50 +00:00
parent 5c3cff2bd8
commit 8d24f343e8
8 changed files with 171 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

11
ChangeLog
View file

@ -1,3 +1,14 @@
2008-11-19 Richard Frith-Macdonald <rfm@gnu.org>
* configure.ac: Changes to tolerate older version of gnutls
* configure: regenerate
* config/pathtls.m4: Fix typos
* Headers/Additions/GNUstepBase/config.h.in: regenerate
* Source/GSSocketStream.m: Fix to send required events to handler
after SSL or SOCKS module has dealt with them.
* Source/GSStream.h: New method to reset sent events mask
* Source/GSStream.m: ditto
2008-11-18 Richard Frith-Macdonald <rfm@gnu.org> 2008-11-18 Richard Frith-Macdonald <rfm@gnu.org>
* Source/NSURL.m: Check class of arguments to designated initialiser * Source/NSURL.m: Check class of arguments to designated initialiser

3
Headers/Additions/GNUstepBase/config.h.in
View file

@ -250,6 +250,9 @@
/* Define if libgnutls available */ /* Define if libgnutls available */
#undef HAVE_GNUTLS #undef HAVE_GNUTLS
/* Define to 1 if you have the `gnutls_transport_set_errno' function. */
#undef HAVE_GNUTLS_TRANSPORT_SET_ERRNO
/* Define to 1 if you have the <grp.h> header file. */ /* Define to 1 if you have the <grp.h> header file. */
#undef HAVE_GRP_H #undef HAVE_GRP_H

22
Source/GSSocketStream.m
View file

@ -236,7 +236,11 @@ GSTLSPull(gnutls_transport_ptr_t handle, void *buffer, size_t len)
{ {
e = EAGAIN; // Tell GNUTLS this would block. e = EAGAIN; // Tell GNUTLS this would block.
} }
#if HAVE_GNUTLS_TRANSPORT_SET_ERRNO
gnutls_transport_set_errno (tls->session, e); gnutls_transport_set_errno (tls->session, e);
#else
errno = e; // Not thread-safe
#endif
} }
return result; return result;
} }
@ -263,7 +267,12 @@ GSTLSPush(gnutls_transport_ptr_t handle, const void *buffer, size_t len)
{ {
e = EAGAIN; // Tell GNUTLS this would block. e = EAGAIN; // Tell GNUTLS this would block.
} }
#if HAVE_GNUTLS_TRANSPORT_SET_ERRNO
gnutls_transport_set_errno (tls->session, e); gnutls_transport_set_errno (tls->session, e);
#else
errno = e; // Not thread-safe
#endif
} }
return result; return result;
} }
@ -383,7 +392,6 @@ static gnutls_anon_client_credentials_t anoncred;
handshake = NO; // Handshake is now complete. handshake = NO; // Handshake is now complete.
active = YES; // The TLS session is now active. active = YES; // The TLS session is now active.
} }
} }
} }
@ -458,7 +466,9 @@ static gnutls_anon_client_credentials_t anoncred;
if ([proto isEqualToString: NSStreamSocketSecurityLevelTLSv1] == YES) if ([proto isEqualToString: NSStreamSocketSecurityLevelTLSv1] == YES)
{ {
const int proto_prio[4] = { const int proto_prio[4] = {
#if defined(GNUTLS_TLS1_2)
GNUTLS_TLS1_2, GNUTLS_TLS1_2,
#endif
GNUTLS_TLS1_1, GNUTLS_TLS1_1,
GNUTLS_TLS1_0, GNUTLS_TLS1_0,
0 }; 0 };
@ -534,19 +544,24 @@ static gnutls_anon_client_credentials_t anoncred;
@"GSTLS completed on %p", stream); @"GSTLS completed on %p", stream);
if ([istream streamStatus] == NSStreamStatusOpen) if ([istream streamStatus] == NSStreamStatusOpen)
{ {
[istream _resetEvents: NSStreamEventOpenCompleted];
[istream _sendEvent: NSStreamEventOpenCompleted]; [istream _sendEvent: NSStreamEventOpenCompleted];
} }
else else
{ {
[istream _resetEvents: NSStreamEventErrorOccurred];
[istream _sendEvent: NSStreamEventErrorOccurred]; [istream _sendEvent: NSStreamEventErrorOccurred];
} }
if ([ostream streamStatus] == NSStreamStatusOpen) if ([ostream streamStatus] == NSStreamStatusOpen)
{ {
[ostream _resetEvents: NSStreamEventOpenCompleted
| NSStreamEventHasSpaceAvailable];
[ostream _sendEvent: NSStreamEventOpenCompleted]; [ostream _sendEvent: NSStreamEventOpenCompleted];
[ostream _sendEvent: NSStreamEventHasSpaceAvailable]; [ostream _sendEvent: NSStreamEventHasSpaceAvailable];
} }
else else
{ {
[ostream _resetEvents: NSStreamEventErrorOccurred];
[ostream _sendEvent: NSStreamEventErrorOccurred]; [ostream _sendEvent: NSStreamEventErrorOccurred];
} }
} }
@ -704,19 +719,24 @@ static NSString * const GSSOCKSAckConn = @"GSSOCKSAckConn";
[GSTLS tryInput: is output: os]; [GSTLS tryInput: is output: os];
if ([is streamStatus] == NSStreamStatusOpen) if ([is streamStatus] == NSStreamStatusOpen)
{ {
[is _resetEvents: NSStreamEventOpenCompleted];
[is _sendEvent: NSStreamEventOpenCompleted]; [is _sendEvent: NSStreamEventOpenCompleted];
} }
else else
{ {
[is _resetEvents: NSStreamEventErrorOccurred];
[is _sendEvent: NSStreamEventErrorOccurred]; [is _sendEvent: NSStreamEventErrorOccurred];
} }
if ([os streamStatus] == NSStreamStatusOpen) if ([os streamStatus] == NSStreamStatusOpen)
{ {
[os _resetEvents: NSStreamEventOpenCompleted
| NSStreamEventHasSpaceAvailable];
[os _sendEvent: NSStreamEventOpenCompleted]; [os _sendEvent: NSStreamEventOpenCompleted];
[os _sendEvent: NSStreamEventHasSpaceAvailable]; [os _sendEvent: NSStreamEventHasSpaceAvailable];
} }
else else
{ {
[os _resetEvents: NSStreamEventErrorOccurred];
[os _sendEvent: NSStreamEventErrorOccurred]; [os _sendEvent: NSStreamEventErrorOccurred];
} }
RELEASE(is); RELEASE(is);

4
Source/GSStream.h
View file

@ -112,6 +112,10 @@ IVARS
*/ */
- (void*) _loopID; - (void*) _loopID;
/** Reset events in mask to allow them to be sent again.
*/
- (void) _resetEvents: (int)mask;
/** /**
* Place the stream in all the scheduled runloops. * Place the stream in all the scheduled runloops.
*/ */

10
Source/GSStream.m
View file

@ -337,6 +337,11 @@ static RunLoopEventType typeForStream(NSStream *aStream)
return; return;
} }
- (void) _resetEvents: (int)mask
{
return;
}
- (void) _schedule - (void) _schedule
{ {
} }
@ -393,6 +398,11 @@ static RunLoopEventType typeForStream(NSStream *aStream)
_currentStatus = NSStreamStatusError; _currentStatus = NSStreamStatusError;
} }
- (void) _resetEvents: (int)mask
{
_events &= ~mask;
}
- (void) _schedule - (void) _schedule
{ {
NSMapEnumerator enumerator; NSMapEnumerator enumerator;

8
config/pathtls.m4
View file

@ -52,8 +52,8 @@ main()
printf("*** You need a version of libtgnuls newer than $min_tls_version.\n"); printf("*** You need a version of libtgnuls newer than $min_tls_version.\n");
printf("*** If you have already installed a sufficiently new version, this error\n"); printf("*** If you have already installed a sufficiently new version, this error\n");
printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n"); printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n");
printf("*** being found. Yoiu can fix this is by removing the old version\n"); printf("*** being found. You can fix this is by removing the old version\n");
printf("*** of libgnutlsthe\n"); printf("*** of libgnutls.\n");
return 1; return 1;
} }
return 0; return 0;
@ -100,8 +100,8 @@ main()
printf("*** You need a version of libtgnuls newer than $min_tls_version.\n"); printf("*** You need a version of libtgnuls newer than $min_tls_version.\n");
printf("*** If you have already installed a sufficiently new version, this error\n"); printf("*** If you have already installed a sufficiently new version, this error\n");
printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n"); printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n");
printf("*** being found. Yoiu can fix this is by removing the old version\n"); printf("*** being found. You can fix this is by removing the old version\n");
printf("*** of libgnutlsthe\n"); printf("*** of libgnutls.\n");
return 1; return 1;
} }
return 0; return 0;

117
configure vendored
View file

@ -18264,6 +18264,7 @@ if test $enable_tls = yes; then
saved_LIBS="$LIBS" saved_LIBS="$LIBS"
saved_CFLAGS="$CFLAGS" saved_CFLAGS="$CFLAGS"
# AM_PATH_TLS(2.0.1, enable_libgnutls=yes, enable_libgnutls=no)
# Check whether --with-tls-prefix or --without-tls-prefix was given. # Check whether --with-tls-prefix or --without-tls-prefix was given.
@ -18328,7 +18329,7 @@ else
echo "${ECHO_T}no" >&6 echo "${ECHO_T}no" >&6
fi fi
min_tls_version=2.0.1 min_tls_version=1.4.0
echo "$as_me:$LINENO: checking for libgnutls - version >= $min_tls_version" >&5 echo "$as_me:$LINENO: checking for libgnutls - version >= $min_tls_version" >&5
echo $ECHO_N "checking for libgnutls - version >= $min_tls_version... $ECHO_C" >&6 echo $ECHO_N "checking for libgnutls - version >= $min_tls_version... $ECHO_C" >&6
no_tls="" no_tls=""
@ -18367,8 +18368,8 @@ main()
printf("*** You need a version of libtgnuls newer than $min_tls_version.\n"); printf("*** You need a version of libtgnuls newer than $min_tls_version.\n");
printf("*** If you have already installed a sufficiently new version, this error\n"); printf("*** If you have already installed a sufficiently new version, this error\n");
printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n"); printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n");
printf("*** being found. Yoiu can fix this is by removing the old version\n"); printf("*** being found. You can fix this is by removing the old version\n");
printf("*** of libgnutlsthe\n"); printf("*** of libgnutls.\n");
return 1; return 1;
} }
return 0; return 0;
@ -18444,8 +18445,8 @@ main()
printf("*** You need a version of libtgnuls newer than $min_tls_version.\n"); printf("*** You need a version of libtgnuls newer than $min_tls_version.\n");
printf("*** If you have already installed a sufficiently new version, this error\n"); printf("*** If you have already installed a sufficiently new version, this error\n");
printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n"); printf("*** probably means that the wrong copy of the libgnutls-config shell script is\n");
printf("*** being found. Yoiu can fix this is by removing the old version\n"); printf("*** being found. You can fix this is by removing the old version\n");
printf("*** of libgnutlsthe\n"); printf("*** of libgnutls.\n");
return 1; return 1;
} }
return 0; return 0;
@ -18519,6 +18520,112 @@ cat >>confdefs.h <<\_ACEOF
#define HAVE_GNUTLS 1 #define HAVE_GNUTLS 1
_ACEOF _ACEOF
for ac_func in gnutls_transport_set_errno
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
echo "$as_me:$LINENO: checking for $ac_func" >&5
echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6
if eval "test \"\${$as_ac_var+set}\" = set"; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
For example, HP-UX 11i <limits.h> declares gettimeofday. */
#define $ac_func innocuous_$ac_func
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func (); below.
Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
<limits.h> exists even on freestanding compilers. */
#ifdef __STDC__
# include <limits.h>
#else
# include <assert.h>
#endif
#undef $ac_func
/* Override any gcc2 internal prototype to avoid an error. */
#ifdef __cplusplus
extern "C"
{
#endif
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char $ac_func ();
/* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
choke me
#else
char (*f) () = $ac_func;
#endif
#ifdef __cplusplus
}
#endif
int
main ()
{
return f != $ac_func;
;
return 0;
}
_ACEOF
rm -f conftest.$ac_objext conftest$ac_exeext
if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
(eval $ac_link) 2>conftest.er1
ac_status=$?
grep -v '^ *+' conftest.er1 >conftest.err
rm -f conftest.er1
cat conftest.err >&5
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); } &&
{ ac_try='test -z "$ac_c_werror_flag"
|| test ! -s conftest.err'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; } &&
{ ac_try='test -s conftest$ac_exeext'
{ (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
(eval $ac_try) 2>&5
ac_status=$?
echo "$as_me:$LINENO: \$? = $ac_status" >&5
(exit $ac_status); }; }; then
eval "$as_ac_var=yes"
else
echo "$as_me: failed program was:" >&5
sed 's/^/| /' conftest.$ac_ext >&5
eval "$as_ac_var=no"
fi
rm -f conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
fi
echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_var'}'`" >&5
echo "${ECHO_T}`eval echo '${'$as_ac_var'}'`" >&6
if test `eval echo '${'$as_ac_var'}'` = yes; then
cat >>confdefs.h <<_ACEOF
#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
_ACEOF
fi
done
if test "$ac_cv_func_gnutls_transport_set_errno" = "no"; then
{ echo "$as_me:$LINENO: WARNING: Missing support for thread-safe error handling in GNUTLS. Please check that you have the most recent version installed (2.0 or later chould be fine)." >&5
echo "$as_me: WARNING: Missing support for thread-safe error handling in GNUTLS. Please check that you have the most recent version installed (2.0 or later chould be fine)." >&2;}
fi
else else
HAVE_GNUTLS=0 HAVE_GNUTLS=0
# Restore the CFLAGS and LIBS because AM_PATH_TLS messes them # Restore the CFLAGS and LIBS because AM_PATH_TLS messes them

7
configure.ac
View file

@ -2217,13 +2217,18 @@ if test $enable_tls = yes; then
saved_LIBS="$LIBS" saved_LIBS="$LIBS"
saved_CFLAGS="$CFLAGS" saved_CFLAGS="$CFLAGS"
AM_PATH_TLS(2.0.1, enable_libgnutls=yes, enable_libgnutls=no) # AM_PATH_TLS(2.0.1, enable_libgnutls=yes, enable_libgnutls=no)
AM_PATH_TLS(1.4.0, enable_libgnutls=yes, enable_libgnutls=no)
if test $enable_libgnutls = yes; then if test $enable_libgnutls = yes; then
CPPFLAGS="$CPPFLAGS $TLS_CFLAGS" CPPFLAGS="$CPPFLAGS $TLS_CFLAGS"
INCLUDE_FLAGS="$INCLUDE_FLAGS $TLS_CFLAGS" INCLUDE_FLAGS="$INCLUDE_FLAGS $TLS_CFLAGS"
LIBS="$TLS_LIBS $LIBS" LIBS="$TLS_LIBS $LIBS"
HAVE_GNUTLS=1 HAVE_GNUTLS=1
AC_DEFINE(HAVE_GNUTLS,1,[Define if libgnutls available]) AC_DEFINE(HAVE_GNUTLS,1,[Define if libgnutls available])
AC_CHECK_FUNCS(gnutls_transport_set_errno)
if test "$ac_cv_func_gnutls_transport_set_errno" = "no"; then
AC_MSG_WARN([Missing support for thread-safe error handling in GNUTLS. Please check that you have the most recent version installed (2.0 or later chould be fine).])
fi
else else
HAVE_GNUTLS=0 HAVE_GNUTLS=0
# Restore the CFLAGS and LIBS because AM_PATH_TLS messes them # Restore the CFLAGS and LIBS because AM_PATH_TLS messes them