2 * empathy-tls-certificate.c - Source for EmpathyTLSCertificate
3 * Copyright (C) 2010 Collabora Ltd.
4 * @author Cosimo Cecchi <cosimo.cecchi@collabora.co.uk>
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
23 #include "empathy-tls-certificate.h"
27 #include <glib/gstdio.h>
29 #include <gnutls/gnutls.h>
30 #include <gnutls/x509.h>
32 #include <telepathy-glib/gtypes.h>
33 #include <telepathy-glib/util.h>
35 #define DEBUG_FLAG EMPATHY_DEBUG_TLS
36 #include "empathy-debug.h"
37 #include "empathy-utils.h"
39 #include "extensions/extensions.h"
42 /* proxy properties */
50 GSimpleAsyncResult *async_prepare_res;
52 /* TLSCertificate properties */
55 EmpTLSCertificateState state;
58 } EmpathyTLSCertificatePriv;
60 G_DEFINE_TYPE (EmpathyTLSCertificate, empathy_tls_certificate,
63 #define GET_PRIV(obj) EMPATHY_GET_PRIV (obj, EmpathyTLSCertificate);
66 tls_certificate_got_all_cb (TpProxy *proxy,
67 GHashTable *properties,
73 EmpathyTLSCertificate *self = EMPATHY_TLS_CERTIFICATE (weak_object);
74 EmpathyTLSCertificatePriv *priv = GET_PRIV (self);
78 g_simple_async_result_set_from_error (priv->async_prepare_res, error);
79 g_simple_async_result_complete (priv->async_prepare_res);
80 tp_clear_object (&priv->async_prepare_res);
85 priv->cert_type = g_strdup (tp_asv_get_string (properties,
87 priv->state = tp_asv_get_uint32 (properties, "State", NULL);
89 cert_data = tp_asv_get_boxed (properties, "CertificateChainData",
90 TP_ARRAY_TYPE_UCHAR_ARRAY_LIST);
91 g_assert (cert_data != NULL);
92 priv->cert_data = g_boxed_copy (TP_ARRAY_TYPE_UCHAR_ARRAY_LIST, cert_data);
94 DEBUG ("Got a certificate chain long %u, of type %s",
95 priv->cert_data->len, priv->cert_type);
97 priv->is_prepared = TRUE;
99 g_simple_async_result_complete (priv->async_prepare_res);
100 tp_clear_object (&priv->async_prepare_res);
104 empathy_tls_certificate_prepare_async (EmpathyTLSCertificate *self,
105 GAsyncReadyCallback callback,
108 EmpathyTLSCertificatePriv *priv = GET_PRIV (self);
110 /* emit an error if we're already preparing the object */
111 if (priv->async_prepare_res != NULL)
113 g_simple_async_report_error_in_idle (G_OBJECT (self),
115 G_IO_ERROR, G_IO_ERROR_PENDING,
117 "Prepare operation already in progress on the TLS certificate.");
122 /* if the object is already prepared, just complete in idle */
123 if (priv->is_prepared)
125 tp_simple_async_report_success_in_idle (G_OBJECT (self),
126 callback, user_data, empathy_tls_certificate_prepare_async);
131 priv->async_prepare_res = g_simple_async_result_new (G_OBJECT (self),
132 callback, user_data, empathy_tls_certificate_prepare_async);
134 /* call GetAll() on the certificate */
135 tp_cli_dbus_properties_call_get_all (self,
136 -1, EMP_IFACE_AUTHENTICATION_TLS_CERTIFICATE,
137 tls_certificate_got_all_cb, NULL, NULL,
142 empathy_tls_certificate_prepare_finish (EmpathyTLSCertificate *self,
143 GAsyncResult *result,
146 gboolean retval = TRUE;
148 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
156 empathy_tls_certificate_finalize (GObject *object)
158 EmpathyTLSCertificatePriv *priv = GET_PRIV (object);
160 DEBUG ("%p", object);
162 g_free (priv->cert_type);
163 tp_clear_boxed (TP_ARRAY_TYPE_UCHAR_ARRAY_LIST, &priv->cert_data);
165 G_OBJECT_CLASS (empathy_tls_certificate_parent_class)->finalize (object);
169 empathy_tls_certificate_get_property (GObject *object,
174 EmpathyTLSCertificatePriv *priv = GET_PRIV (object);
179 g_value_set_string (value, priv->cert_type);
182 g_value_set_boxed (value, priv->cert_data);
185 g_value_set_uint (value, priv->state);
188 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, property_id, pspec);
194 empathy_tls_certificate_init (EmpathyTLSCertificate *self)
196 self->priv = G_TYPE_INSTANCE_GET_PRIVATE (self,
197 EMPATHY_TYPE_TLS_CERTIFICATE, EmpathyTLSCertificatePriv);
201 empathy_tls_certificate_class_init (EmpathyTLSCertificateClass *klass)
204 GObjectClass *oclass = G_OBJECT_CLASS (klass);
205 TpProxyClass *pclass = TP_PROXY_CLASS (klass);
207 oclass->get_property = empathy_tls_certificate_get_property;
208 oclass->finalize = empathy_tls_certificate_finalize;
210 pclass->interface = EMP_IFACE_QUARK_AUTHENTICATION_TLS_CERTIFICATE;
211 pclass->must_have_unique_name = TRUE;
213 g_type_class_add_private (klass, sizeof (EmpathyTLSCertificatePriv));
215 pspec = g_param_spec_string ("cert-type", "Certificate type",
216 "The type of this certificate.",
218 G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
219 g_object_class_install_property (oclass, PROP_CERT_TYPE, pspec);
221 pspec = g_param_spec_boxed ("cert-data", "Certificate chain data",
222 "The raw DER-encoded certificate chain data.",
223 TP_ARRAY_TYPE_UCHAR_ARRAY_LIST,
224 G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
225 g_object_class_install_property (oclass, PROP_CERT_DATA, pspec);
227 pspec = g_param_spec_uint ("state", "State",
228 "The state of this certificate.",
229 EMP_TLS_CERTIFICATE_STATE_PENDING, NUM_EMP_TLS_CERTIFICATE_STATES -1,
230 EMP_TLS_CERTIFICATE_STATE_PENDING,
231 G_PARAM_READABLE | G_PARAM_STATIC_STRINGS);
232 g_object_class_install_property (oclass, PROP_STATE, pspec);
236 cert_proxy_accept_cb (TpProxy *proxy,
239 GObject *weak_object)
241 GSimpleAsyncResult *accept_result = user_data;
243 DEBUG ("Callback for accept(), error %p", error);
247 DEBUG ("Error was %s", error->message);
248 g_simple_async_result_set_from_error (accept_result, error);
251 g_simple_async_result_complete (accept_result);
255 cert_proxy_reject_cb (TpProxy *proxy,
258 GObject *weak_object)
260 GSimpleAsyncResult *reject_result = user_data;
262 DEBUG ("Callback for reject(), error %p", error);
266 DEBUG ("Error was %s", error->message);
267 g_simple_async_result_set_from_error (reject_result, error);
270 g_simple_async_result_complete (reject_result);
274 reject_reason_get_dbus_error (EmpTLSCertificateRejectReason reason)
276 const gchar *retval = NULL;
280 case EMP_TLS_CERTIFICATE_REJECT_REASON_UNTRUSTED:
281 retval = tp_error_get_dbus_name (TP_ERROR_CERT_UNTRUSTED);
283 case EMP_TLS_CERTIFICATE_REJECT_REASON_EXPIRED:
284 retval = tp_error_get_dbus_name (TP_ERROR_CERT_EXPIRED);
286 case EMP_TLS_CERTIFICATE_REJECT_REASON_NOT_ACTIVATED:
287 retval = tp_error_get_dbus_name (TP_ERROR_CERT_NOT_ACTIVATED);
289 case EMP_TLS_CERTIFICATE_REJECT_REASON_FINGERPRINT_MISMATCH:
290 retval = tp_error_get_dbus_name (TP_ERROR_CERT_FINGERPRINT_MISMATCH);
292 case EMP_TLS_CERTIFICATE_REJECT_REASON_HOSTNAME_MISMATCH:
293 retval = tp_error_get_dbus_name (TP_ERROR_CERT_HOSTNAME_MISMATCH);
295 case EMP_TLS_CERTIFICATE_REJECT_REASON_SELF_SIGNED:
296 retval = tp_error_get_dbus_name (TP_ERROR_CERT_SELF_SIGNED);
298 case EMP_TLS_CERTIFICATE_REJECT_REASON_REVOKED:
299 retval = tp_error_get_dbus_name (TP_ERROR_CERT_REVOKED);
301 case EMP_TLS_CERTIFICATE_REJECT_REASON_INSECURE:
302 retval = tp_error_get_dbus_name (TP_ERROR_CERT_INSECURE);
304 case EMP_TLS_CERTIFICATE_REJECT_REASON_LIMIT_EXCEEDED:
305 retval = tp_error_get_dbus_name (TP_ERROR_CERT_LIMIT_EXCEEDED);
307 case EMP_TLS_CERTIFICATE_REJECT_REASON_UNKNOWN:
309 retval = tp_error_get_dbus_name (TP_ERROR_CERT_INVALID);
316 EmpathyTLSCertificate *
317 empathy_tls_certificate_new (TpDBusDaemon *dbus,
318 const gchar *bus_name,
319 const gchar *object_path,
322 EmpathyTLSCertificate *retval = NULL;
324 if (!tp_dbus_check_valid_bus_name (bus_name,
325 TP_DBUS_NAME_TYPE_UNIQUE, error))
328 if (!tp_dbus_check_valid_object_path (object_path, error))
331 retval = g_object_new (EMPATHY_TYPE_TLS_CERTIFICATE,
333 "bus-name", bus_name,
334 "object-path", object_path,
339 DEBUG ("Error while creating the TLS certificate: %s",
346 empathy_tls_certificate_accept_async (EmpathyTLSCertificate *self,
347 GAsyncReadyCallback callback,
350 GSimpleAsyncResult *accept_result;
352 g_assert (EMPATHY_IS_TLS_CERTIFICATE (self));
354 DEBUG ("Accepting TLS certificate");
356 accept_result = g_simple_async_result_new (G_OBJECT (self),
357 callback, user_data, empathy_tls_certificate_accept_async);
359 emp_cli_authentication_tls_certificate_call_accept (TP_PROXY (self),
360 -1, cert_proxy_accept_cb,
361 accept_result, g_object_unref,
366 empathy_tls_certificate_accept_finish (EmpathyTLSCertificate *self,
367 GAsyncResult *result,
370 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),
378 build_rejections_array (EmpTLSCertificateRejectReason reason,
382 GValueArray *rejection;
384 retval = g_ptr_array_new ();
385 rejection = tp_value_array_build (3,
387 G_TYPE_STRING, reject_reason_get_dbus_error (reason),
388 TP_HASH_TYPE_STRING_VARIANT_MAP, details,
391 g_ptr_array_add (retval, rejection);
397 empathy_tls_certificate_reject_async (EmpathyTLSCertificate *self,
398 EmpTLSCertificateRejectReason reason,
400 GAsyncReadyCallback callback,
403 GPtrArray *rejections;
404 GSimpleAsyncResult *reject_result;
406 g_assert (EMPATHY_IS_TLS_CERTIFICATE (self));
408 DEBUG ("Rejecting TLS certificate with reason %u", reason);
410 rejections = build_rejections_array (reason, details);
411 reject_result = g_simple_async_result_new (G_OBJECT (self),
412 callback, user_data, empathy_tls_certificate_reject_async);
414 emp_cli_authentication_tls_certificate_call_reject (TP_PROXY (self),
415 -1, rejections, cert_proxy_reject_cb,
416 reject_result, g_object_unref, G_OBJECT (self));
418 tp_clear_boxed (EMP_ARRAY_TYPE_TLS_CERTIFICATE_REJECTION_LIST,
423 empathy_tls_certificate_reject_finish (EmpathyTLSCertificate *self,
424 GAsyncResult *result,
427 if (g_simple_async_result_propagate_error (G_SIMPLE_ASYNC_RESULT (result),