-rw-r--r-- | camel/ChangeLog | 9 | ||||
-rw-r--r-- | camel/camel-tcp-stream-ssl.c | 20 | ||||
-rw-r--r-- | camel/camel.c | 39 |
3 files changed, 55 insertions, 13 deletions
diff --git a/camel/ChangeLog b/camel/ChangeLog
index 53ca70a954..9ab195b5a7 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,3 +1,12 @@
+2001-01-15 Jeffrey Stedfast <fejj@ximian.com>
+
+ * camel-tcp-stream-ssl.c (stream_connect): Uses an SSL socket now
+ although there's still a few things missing (like certificate
+ handling and such).
+
+ * camel.c (camel_ssl_init): A replacement function for
+ camel_init() that also initializes SSL.
+
 2001-01-14 Jeffrey Stedfast <fejj@ximian.com>
 * camel-tcp-stream-ssl.c (stream_getsockopt): Implemented.
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 93b2e9da25..b346a02c61 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -160,7 +160,7 @@ stream_flush (CamelStream *stream)
 static int
 stream_close (CamelStream *stream)
 {
- g_warning ("CamelTcpStreamSSL::close: Better to call ::disconnect.\n");
+ g_warning ("CamelTcpStreamSSL::close called on a stream where ::disconnect is preferred\n");
 return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
 }
@@ -171,7 +171,7 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 CamelTcpStreamSSL *ssl = CAMEL_TCP_STREAM_SSL (stream);
 PRIntervalTime timeout;
 PRNetAddr netaddr;
- PRFileDesc *fd;
+ PRFileDesc *fd, *ssl_fd;
 g_return_val_if_fail (host != NULL, -1);
@@ -182,15 +182,16 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 return -1;
 fd = PR_OpenTCPSocket (host->h_addrtype);
+ ssl_fd = SSL_ImportFD (NULL, fd);
- if (fd == NULL || PR_Connect (fd, &netaddr, timeout) == PR_FAILURE) {
- if (fd != NULL)
- PR_Close (fd);
+ if (ssl_fd == NULL || PR_Connect (ssl_fd, &netaddr, timeout) == PR_FAILURE) {
+ if (ssl_fd != NULL)
+ PR_Close (ssl_fd);
 return -1;
 }
- ssl->sockfd = fd;
+ ssl->sockfd = ssl_fd;
 return 0;
 }
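Review bot: In stream_connect, `SSL_ImportFD (NULL, fd)` runs before `fd` is checked, so a failed `PR_OpenTCPSocket` hands NULL to the import, and when the import itself fails the error path closes only `ssl_fd` and leaks the still-open `fd`. Checking each step on its own, as in the fence below, closes whichever descriptor is live at the point of failure. As far as this hunk shows, the socket is also connected without the expected host name being bound to it (NSS provides `SSL_SetURL` for that), so the peer certificate cannot be tied to the server the caller asked for; the ChangeLog entry concedes certificate handling is missing, and a `/* FIXME: no certificate or host name verification yet */` comment at the import would keep that gap visible in the code. stream_connect begins above this hunk.

```c
fd = PR_OpenTCPSocket (host->h_addrtype);
if (fd == NULL)
	return -1;

ssl_fd = SSL_ImportFD (NULL, fd);
if (ssl_fd == NULL) {
	/* import failed: the plain socket is still ours to close */
	PR_Close (fd);
	return -1;
}

if (PR_Connect (ssl_fd, &netaddr, timeout) == PR_FAILURE) {
	/* closing the SSL layer also closes the socket beneath it */
	PR_Close (ssl_fd);
	return -1;
}

/* … unchanged: ssl->sockfd = ssl_fd; return 0; … */
```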
@@ -198,13 +199,6 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 static int
 stream_disconnect (CamelTcpStream *stream)
 {
- PRStatus status;
-
- status = PR_Shutdown (((CamelTcpStreamSSL *)stream)->sockfd, PR_SHUTDOWN_BOTH);
-
- if (status == PR_FAILURE)
- return -1;
-
 return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
 }
diff --git a/camel/camel.c b/camel/camel.c
index 2d2272057a..5383c4d32a 100644
--- a/camel/camel.c
+++ b/camel/camel.c
@@ -47,3 +47,42 @@ camel_init(void)
 return 0;
 }
+
+#ifdef U_CANT_TOUCH_THIS
+#include <ssl.h>
+#include <nss.h>
+
+gint
+camel_ssl_init (char *configdir, gboolean nss_init)
+{
+#ifdef ENABLE_THREADS
+#ifdef G_THREADS_ENABLED
+ /*g_thread_init (NULL);*/
+#else /* G_THREADS_ENABLED */
+ printf ("Threads are not supported by your version of glib\n");
+#endif /* G_THREADS_ENABLED */
+#endif /* ENABLE_THREADS */
+
+ if (getenv ("CAMEL_VERBOSE_DEBUG"))
+ camel_verbose_debug = TRUE;
+
+ unicode_init ();
+
+ if (nss_init) {
+ PR_init ();
+
+ if (NSS_init (configdir) == SECFailure)
+ return -1;
+
+ /* FIXME: Erm, use appropriate policy? */
+ NSS_SetDomesticPolicy ();
+ }
+
+ SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE);
+ SSL_OptionSetDefault (SSL_ENABLE_SSL3, PR_TRUE);
+ SSL_OptionSetDefault (SSL_ENABLE_TLS, PR_TRUE);
+ SSL_OptionSetDefault (SSL_V2_COMPATIBLE_HELLO, PR_TRUE /* maybe? */);
+
+ return 0;
+}
+#endif |
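Review bot: camel_ssl_init makes SSLv2 a process-wide default: `SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE)` together with `SSL_V2_COMPATIBLE_HELLO` lets a session be negotiated down to a protocol whose handshake is not integrity-protected, and the `/* maybe? */` suggests this was not a deliberate choice. I would set both to `PR_FALSE` and check the `SECStatus` each call returns, e.g. `if (SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_FALSE) != SECSuccess) return -1;`. The option calls also run when `nss_init` is FALSE, which is only safe if the caller has already initialized NSS, so a comment on the function stating that contract would help. Separately, `PR_init ()` and `NSS_init (configdir)` do not look like the NSPR/NSS entry points (`PR_Init`, `NSS_Init`), a mismatch the `U_CANT_TOUCH_THIS` guard is presumably hiding from the compiler.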