2003-03-03 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (camel_tcp_stream_ssl_new): Updated
to use the new API from a fe commits ago for the NSS stream. This
is just to make it compile, but does not update the behaviour to
act like the NSS stream. Note that people shouldn't be using
OpenSSL anyway.
(camel_tcp_stream_ssl_new_raw): Same.
* camel-process.[c,h]: New source file containing convenience
functions for process creation/termination mainly for use with
Pipe filters but should be usable for anything we want.
* camel-io.[c,h]: New source files implementing read/write system
calls with proper error checking and cancellation
(ie. StreamFs::read/write and CamelTcpStreamRaw::read/write). No
sense duplicating the same code over and over. Now I can use this
same code easily in other i/o code (such as Pipe filters and gpg
code?).
svn path=/trunk/; revision=20132
2002-08-28 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (stream_setsockopt): Fixed `set' to
hold the correct value when setting the flags.
svn path=/trunk/; revision=17913
2002-07-30 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream.c (camel_tcp_address_new): Update the comment.
* camel-tcp-stream-raw.c (socket_connect): If building with IPv6
support and the address is an IPv6 address, connect using a
sockaddr_in6 otherwise use the standard IPv4 sockaddr_in
structure.
(stream_get_local_address): Fix to work with IPv6 addresses.
(stream_get_remote_address): Same.
* camel-tcp-stream-openssl.c (socket_connect): Same as above.
(stream_get_local_address): Fix to work with IPv6 addresses.
(stream_get_remote_address): Same.
* camel-tcp-stream-ssl.c (stream_connect): If building with IPv6
support and the address is an IPv6 address, initialise the
PRNetAddr accordingly.
(stream_get_local_address): Fix to work with IPv6 addresses.
(stream_get_remote_address): Same.
svn path=/trunk/; revision=17651
2002-07-30 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (ssl_verify): X509_digest() needs a
pointer to an int len. Also fixed some other compiler errors.
* camel-certdb.h: #include <stdio.h>
svn path=/trunk/; revision=17647
2002-07-30 Jeffrey Stedfast <fejj@ximian.com>
* camel-certdb.c: New source file implementing a very basic
certificate database. This is mostly just here because the Mozilla
NSS certdb seems to not be working for everyone's Evolution
install (works fine for me and Ettore but not many other people).
* camel-tcp-stream-ssl.c (ssl_bad_cert): If we have this
certificate in our own CamelCertDB, then get the trust value from
that and only prompt the user if the trust is unknown.
* camel-tcp-stream-openssl.c (ssl_verify): Same.
* camel.c (camel_init): Create our default certdb.
svn path=/trunk/; revision=17642
implementation so that callers don't need to care which one is
being used.
* camel-tcp-stream-openssl.c: Implement CamelTcpStreamSSL, not
CamelTcpStreamOpenSSL. Rename methods as well. Replace the
camel-tcp-stream-openssl.h include with camel-tcp-stream-ssl.h.
* camel-tcp-stream-openssl.h: Gone.
* camel-tcp-stream-ssl.c: Add a note explaining that this
implementation is only used for NSS, and that OpenSSL's
implementation is in another file. (Should probably do some CVS
renaming magic at some point.)
* camel-http-stream.c (http_connect): Remove OpenSSL refs; the
previously-NSS-specific code works for both now.
* camel-remote-store.c: Likewise.
* providers/smtp/camel-smtp-transport.c: Likewise.
* providers/pop3/camel-pop3-store.c: Likewise.
* Makefile.am (libcamelinclude_HEADERS): Remove
camel-tcp-stream-openssl.h
svn path=/trunk/; revision=16093
* camel-tcp-stream.c (camel_tcp_stream_get_socket): Remove this:
it couldn't be generically used, because different subclasses
returned entirely different types of data.
(camel_tcp_stream_get_local_address,
camel_tcp_stream_get_remote_address): Add these to replace what
get_socket was being used for.
(camel_tcp_address_new, camel_tcp_address_free): Utility functions
for get_{local,remote}_address.
* providers/smtp/camel-smtp-transport.c: Change localaddr to a
CamelTcpAddress *.
(connect_to_server): Call camel_tcp_stream_get_local_address to
get the local IP address.
(smtp_disconnect): free localaddr.
(smtp_helo): Update for localaddr change.
* camel-tcp-stream-raw.c (stream_get_socket): Remove
(stream_get_local_address, stream_get_remote_address): Implement.
* camel-tcp-stream-ssl.c (stream_get_socket): Remove
(stream_get_local_address, stream_get_remote_address): Implement.
* camel-tcp-stream-openssl.c (stream_get_socket): Remove
(stream_get_local_address, stream_get_remote_address): Implement.
svn path=/trunk/; revision=16092
2002-03-06 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c: compile fixes.
(camel_tcp_stream_openssl_enable_ssl): Check to make sure that the
sockfd != -1, it's not enough to check that it is non-zero. Also
set the sockfd to -1 on fail (open_ssl_connection will close the
sockfd on fail).
svn path=/trunk/; revision=15953
2002-03-05 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (camel_tcp_stream_openssl_new_raw):
Start the ssl stream off in non-ssl mode (useful for STARTTLS).
(camel_tcp_stream_openssl_enable_ssl): New function to toggle an
ssl stream into ssl mode.
(open_ssl_connection): Close the sockfd on fail so our caller
doesn't have to - this also allows us to save the original errno.
(stream_connect): If we want ssl mode, do our ssl stuff.
(camel_tcp_stream_openssl_class_init): Init some SSL stuff here
instead of in open_ssl_connection since these only ever need to be
called once.
(stream_read): Only use SSL_read if we are in ssl mode.
(stream_write): Only use SSL_write if we are in ssl mode.
* providers/smtp/camel-smtp-transport.c (smtp_helo): Check for the
STARTTLS extension.
(connect_to_server): Try to use STARTTLS whenever possible rather
than the old way of doing things.
(connect_to_server_wrapper): Wrapper around connect_to_server() to
first try STARTTLS and then attempt normal SSL mode if we can't
connect via STARTTLS.
* camel-tcp-stream-ssl.c (camel_tcp_stream_ssl_enable_ssl): New
function to toggle an ssl stream into ssl mode.
(camel_tcp_stream_ssl_new_raw): Start the ssl stream off in
non-ssl mode (useful for STARTTLS).
(stream_connect): Only connect in SSL mode if required.
svn path=/trunk/; revision=15937
2001-10-29 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (my_SSL_write): Removed.
(stream_write): Keep looping (non-blocking case) if errno is
EAGAIN, EINTR or EWOULDBLOCK. For NONBLOCKing I/O, sync up with
CamelTcpStreamRaw. As with CamelTcpStreamRaw/SSL - make sure to
write out everything before returning.
(my_SSL_read): Removed.
(stream_read): Just call ssl_error_to_errno() and check the errno
values that we care about so we can keep the general look of all
this stream code the same. Also when checking the return value of
SSL_read, check for <0 instead of ==-1 since the man page for
SSL_read doesn't say it will return -1 on fail, it just says <0.
(stream_flush): Don't fsync() since syncing on a socket is a Bad
Thing (tm).
* camel-tcp-stream-ssl.c (stream_write): Make sure we write out
everything just like in camel-tcp-stream-raw.c.
* camel-stream-buffer.c (camel_stream_buffer_gets): If
camel_stream_read() returns -1, don't necessarily return -1 to our
caller since it's possible that we did actually "read" some data
(ie, we copied some pre-buffered data into the out buffer).
* camel-stream-buffer.h: Removed CAMEL_STREAM_BUFFER_NEWLINE since
it never got used anywhere and it isn't supported anyway.
svn path=/trunk/; revision=14409
2001-10-16 Jeffrey Stedfast <fejj@ximian.com>
* camel-object.[c,h]: If CAMEL_DEBUG is defined, print some useful
ref/unref info.
* providers/imap/camel-imap-store.c (delete_folder): Fixed an
assignment warning.
* camel-uid-cache.c (camel_uid_cache_new): Make sure that the
parent directory exists before trying to open the filename, if it
doesn't, create it.
svn path=/trunk/; revision=13707
2001-10-11 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-ssl.c (ssl_cert_is_saved): Same.
* camel-tcp-stream-openssl.c (ssl_cert_is_saved): Instead of
opening the file, stat it and make sure that it belongs to us.
svn path=/trunk/; revision=13600
2001-10-10 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (ssl_verify): Same hack as below.
* camel-tcp-stream-ssl.c (ssl_bad_cert): Hack around the fact that
adding a cert to nss's certdb seems to not work.
svn path=/trunk/; revision=13575
* camel-tcp-stream-openssl.c (ssl_error_to_errno): Make this take
an SSL * instead of a CamelTcpStreamSSL *, since it can get called
from open_ssl_connection, when the CamelTcpStreamSSL isn't set up
right yet. Fixes a crash on connection failure.
svn path=/trunk/; revision=13213
* camel-tcp-stream-openssl.c (my_SSL_read, my_SSL_write): call
SSL_read/write, looping on SSL_ERROR_WANT_READ/WRITE. I'm sure
there's a perfectly good reason that the API works this way. No,
really.
(stream_read, stream_write): use my_SSL_read and my_SSL_write.
Fixes at least ximian 8593, and probably 6024 and maybe 10366,
at least for OpenSSL. There may be a parallel NSS bug?
svn path=/trunk/; revision=13121
2001-09-23 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (ssl_verify): Don't even try to alert
the user if the session isn't interactive.
(errlib_error_to_errno): Make the default errno EINTR so that we
act just like CamelTcpStreamSSL.
* camel-pgp-context.c (pgp_sign): When the password is not
provided, set the exception to USER_CANCEL.
(pgp_clearsign): Same.
(pgp_encrypt): And here.
(pgp_decrypt): Here too.
svn path=/trunk/; revision=13088
2001-08-15 Peter Williams <peterw@ximian.com>
* camel-tcp-stream-openssl.c (ssl_error_to_errno): New function. Try
to approximate the SSL error into errno.
(errlib_error_to_errno): New function, try to approximate OpenSSl's
error library's error (ERR_*) into errno.
(stream_read): Try to set errno using ssl_error_to_errno.
(stream_write): Same.
(open_ssl_connection): Same.
svn path=/trunk/; revision=12065
2001-07-08 Chris Toshok <toshok@ximian.com>
* camel-tcp-stream-openssl.c (camel_tcp_stream_openssl_finalize):
openssl_table is gone. we now store/get the stream from the
SSL_CTX's app_data.
(stream_read): rework the non-blocking case to account for SSL
possibly buffering data (in which case select will block even
though data is ready to be read), and to account for FreeBSD's
strange behavior of returning -1/EAGAIN even though select said
the fd was ready to be read.
(ssl_verify): openssl_table is gone.
(open_ssl_connection): set the SSL_CTX's app_data to be the
stream, remove the openssl_table code.
svn path=/trunk/; revision=10894
2001-07-05 Chris Toshok <toshok@ximian.com>
* camel-tcp-stream-openssl.c (ssl_verify): use
X509_STORE_CTX_get_ex_data to get at the SSL* - don't use the
X509_STORE_CTX to look up our stream, since it's not what we used
to insert our stream into the hashtable.
(open_ssl_connection): insert the stream into the hashtable before
calling SSL_connect, as this can cause ssl_verify to be called,
and we need to look up the stream there. remove the stream from
the hashtable if there's an error connecting.
(stream_connect): pass the CamelTcpStreamOpenSSL* to
open_ssl_connection since it handles the hashtable stuff. remove
hashtable stuff from here.
svn path=/trunk/; revision=10819
2001-05-21 Jeffrey Stedfast <fejj@ximian.com>
* providers/imap/camel-imap-store.c (get_folder_info_online):
Store the CamelFolderInfo tree that was returned from
camel_folder_info_build() in a new variable, 'tree', rather than
'fi' since we later use 'fi' when syncing folders. Not only does
this fix a memory leak, but it also fixes the bug where the user
would only see the last folder in the folder list and/or it's
subfolders.
svn path=/trunk/; revision=9911
2001-05-04 Jeffrey Stedfast <fejj@ximian.com>
* providers/smtp/camel-smtp-transport.c (connect_to_server): Add
support for using OpenSSL.
* camel-remote-store.c (remote_connect): Add support for using the
OpenSSL implementation.
* camel-tcp-stream-ssl.c (ssl_bad_cert): Hmmmm, don't pass in a
NULL as the last argument to alert_user - prototype doesn't take
that argument anymore?
* camel-tcp-stream-openssl.c (camel_tcp_stream_openssl_finalize):
(ssl_verify): Use a global hash table to try and lookup the
CamelTcpStreamOpenSSL object given the ssl context since OpenSSL
doesn't think one needs to pass data around, we should all be
living in a world of global variables, duh!
svn path=/trunk/; revision=9697
2001-03-21 Jeffrey Stedfast <fejj@ximian.com>
* camel-filter-driver.c (camel_filter_driver_filter_message):
Return -1 on fail.
(camel_filter_driver_filter_folder): Same.
(camel_filter_driver_filter_mbox): Same.
(camel_filter_driver_filter_folder): Return -1 if an exception was
set as well.
2001-03-19 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-openssl.c (camel_tcp_stream_openssl_finalize):
Free the expected host.
(camel_tcp_stream_openssl_new): Now takes a Service and an
expected_host. Set them.
svn path=/trunk/; revision=8871
