[glib-networking/mcatanzaro/tls-thread] progress
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/mcatanzaro/tls-thread] progress
- Date: Mon, 23 Dec 2019 22:11:40 +0000 (UTC)
commit c0b0a9094f93ea51a19b7b0c97d6be87ca7d005a
Author: Michael Catanzaro <mcatanzaro gnome org>
Date: Mon Dec 23 14:30:20 2019 -0600
progress
tls/openssl/gtlsclientconnection-openssl.c | 24 +++++-------------------
tls/tests/connection.c | 5 -----
2 files changed, 5 insertions(+), 24 deletions(-)
---
diff --git a/tls/openssl/gtlsclientconnection-openssl.c b/tls/openssl/gtlsclientconnection-openssl.c
index f14401a..94feb62 100644
--- a/tls/openssl/gtlsclientconnection-openssl.c
+++ b/tls/openssl/gtlsclientconnection-openssl.c
@@ -207,6 +207,10 @@ g_tls_client_connection_openssl_constructed (GObject *object)
* server-identity because at least some servers will fail (rather
* than just failing to resume the session) if we don't.
* (https://bugs.launchpad.net/bugs/823325)
+ *
+ * FIXME: this logic is broken because it doesn't consider the client
+ * certificate when computing the session ID. The GnuTLS version of this
+ * code has this problem fixed. Eliminate this code duplication.
*/
g_object_get (G_OBJECT (openssl), "base-io-stream", &base_conn, NULL);
if (G_IS_SOCKET_CONNECTION (base_conn))
@@ -236,22 +240,6 @@ g_tls_client_connection_openssl_constructed (GObject *object)
G_OBJECT_CLASS (g_tls_client_connection_openssl_parent_class)->constructed (object);
}
-static void
-g_tls_client_connection_openssl_complete_handshake (GTlsConnectionBase *tls,
- gchar **negotiated_protocol,
- GError **error)
-{
- GTlsClientConnectionOpenssl *client = G_TLS_CLIENT_CONNECTION_OPENSSL (tls);
-
- G_TLS_CONNECTION_BASE_CLASS (g_tls_client_connection_openssl_parent_class)->complete_handshake (tls,
negotiated_protocol, error);
-
- /* It may have changed during the handshake, but we have to wait until here
- * because we can't emit notifies on the handshake thread.
- */
- if (client->ca_list_changed)
- g_object_notify (G_OBJECT (client), "accepted-cas");
-}
-
static GTlsCertificateFlags
verify_ocsp_response (GTlsClientConnectionOpenssl *openssl,
GTlsCertificate *peer_certificate)
@@ -320,7 +308,6 @@ g_tls_client_connection_openssl_class_init (GTlsClientConnectionOpensslClass *kl
gobject_class->set_property = g_tls_client_connection_openssl_set_property;
gobject_class->constructed = g_tls_client_connection_openssl_constructed;
- base_class->complete_handshake = g_tls_client_connection_openssl_complete_handshake;
base_class->verify_peer_certificate = g_tls_client_connection_openssl_verify_peer_certificate;
openssl_class->get_ssl = g_tls_client_connection_openssl_get_ssl;
@@ -560,8 +547,7 @@ g_tls_client_connection_openssl_initable_init (GInitable *initable,
SSL_set_tlsext_status_type (client->ssl, TLSEXT_STATUSTYPE_ocsp);
#endif
- if (!g_tls_client_connection_openssl_parent_initable_iface->
- init (initable, cancellable, error))
+ if (!g_tls_client_connection_openssl_parent_initable_iface->init (initable, cancellable, error))
return FALSE;
return TRUE;
diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index 2699d06..3c0c419 100644
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -2617,11 +2617,8 @@ main (int argc,
setup_connection, test_connection_socket_client, teardown_connection);
g_test_add ("/tls/" BACKEND "/connection/socket-client-failed", TestConnection, NULL,
setup_connection, test_connection_socket_client_failed, teardown_connection);
- /* FIXME */
-#if 0
g_test_add ("/tls/" BACKEND "/connection/read-time-out-then-write", TestConnection, NULL,
setup_connection, test_connection_read_time_out_write, teardown_connection);
-#endif
g_test_add ("/tls/" BACKEND "/connection/simultaneous-async", TestConnection, NULL,
setup_connection, test_simultaneous_async, teardown_connection);
g_test_add ("/tls/" BACKEND "/connection/simultaneous-sync", TestConnection, NULL,
@@ -2650,10 +2647,8 @@ main (int argc,
setup_connection, test_alpn_client_only, teardown_connection);
g_test_add ("/tls/" BACKEND "/connection/alpn/server-only", TestConnection, NULL,
setup_connection, test_alpn_server_only, teardown_connection);
-/* FIXME: temporary sabotage
g_test_add ("/tls/" BACKEND "/connection/sync-op-during-handshake", TestConnection, NULL,
setup_connection, test_sync_op_during_handshake, teardown_connection);
- */
g_test_add ("/tls/" BACKEND "/connection/socket-timeout", TestConnection, NULL,
setup_connection, test_socket_timeout, teardown_connection);
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]