fix crash in tls test.

cleaniups

fix crash in tls test.
cleaniups
07ac736f · Simon Morlat · 1b4e2dde · 07ac736f · 07ac736f · 07ac736f
Commit 07ac736f authored Oct 08, 2013 by Simon Morlat
4 changed files
--- a/include/belle-sip/listener.h
+++ b/include/belle-sip/listener.h
@@ -75,8 +75,8 @@ BELLESIP_EXPORT belle_sip_server_transaction_t *belle_sip_transaction_terminated
 * auth event mode
 * */
 typedef enum belle_sip_auth_mode {
-	BELLE_SIP_AUTH_MODE_HTTP_DIGEST, /** Disgest authentication has been requested by the server*/
-	BELLE_SIP_AUTH_MODE_TLS /** Client certificates has bee requested by the server*/
+	BELLE_SIP_AUTH_MODE_HTTP_DIGEST, /** Digest authentication has been requested by the server*/
+	BELLE_SIP_AUTH_MODE_TLS /** Client certificate has been requested by the server*/
 } belle_sip_auth_mode_t;

 BELLESIP_EXPORT void belle_sip_auth_event_destroy(belle_sip_auth_event_t* event);

--- a/src/channel.h
+++ b/src/channel.h
@@ -176,10 +176,12 @@ BELLE_SIP_DECLARE_CUSTOM_VPTR_BEGIN(belle_sip_channel_t,belle_sip_source_t)
 	void (*close)(belle_sip_channel_t *obj);
 BELLE_SIP_DECLARE_CUSTOM_VPTR_END

-/**
+/*
 * tls client certificate authentication. might be relevant for both tls and dtls channels.Only implemented in tls channel for now
- * **/
-void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain);
-void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key);
+ */
+void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_tls_channel_t *obj, belle_sip_certificates_chain_t* cert_chain);
+void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *obj, belle_sip_signing_key_t* key);
+
+#define BELLE_SIP_TLS_CHANNEL(obj)		BELLE_SIP_CAST(obj,belle_sip_tls_channel_t)

 #endif
--- a/src/provider.c
+++ b/src/provider.c
@@ -285,15 +285,17 @@ static int channel_on_event(belle_sip_channel_listener_t *obj, belle_sip_channel
 	}
 	return 0;
 }
+
 static int channel_on_auth_requested(belle_sip_channel_listener_t *obj, belle_sip_channel_t *chan, const char* distinguished_name){
 	if (BELLE_SIP_IS_INSTANCE_OF(chan,belle_sip_tls_channel_t)) {
 		belle_sip_provider_t *prov=BELLE_SIP_PROVIDER(obj);
 		belle_sip_auth_event_t* auth_event = belle_sip_auth_event_create(NULL,NULL);
+		belle_sip_tls_channel_t *tls_chan=BELLE_SIP_TLS_CHANNEL(chan);
 		auth_event->mode=BELLE_SIP_AUTH_MODE_TLS;
 		belle_sip_auth_event_set_distinguished_name(auth_event,distinguished_name);
 		BELLE_SIP_PROVIDER_INVOKE_LISTENERS(prov->listeners,process_auth_requested,auth_event);
-		belle_sip_tls_channel_set_client_certificates_chain(chan,auth_event->cert);
-		belle_sip_tls_channel_set_client_certificate_key(chan,auth_event->key);
+		belle_sip_tls_channel_set_client_certificates_chain(tls_chan,auth_event->cert);
+		belle_sip_tls_channel_set_client_certificate_key(tls_chan,auth_event->key);
 		belle_sip_auth_event_destroy(auth_event);
 	}
 	return 0;

--- a/src/transports/tls_channel_polarssl.c
+++ b/src/transports/tls_channel_polarssl.c
@@ -21,7 +21,7 @@

 #ifdef HAVE_POLARSSL
 /* Uncomment to get very verbose polarssl logs*/
-#define ENABLE_POLARSSL_LOGS
+//#define ENABLE_POLARSSL_LOGS
 #include <polarssl/ssl.h>
 #include <polarssl/version.h>
 #include <polarssl/error.h>
@@ -160,8 +160,7 @@ static int tls_channel_handshake(belle_sip_tls_channel_t *channel) {
 				ssl_set_own_cert(&channel->sslctx,&channel->client_cert_chain->cert,&channel->client_cert_key->key);
 #else
 				if ((err=ssl_set_own_cert_rsa(&channel->sslctx,&channel->client_cert_chain->cert,&channel->client_cert_key->key))) {
-					char tmp[128];
-					error_strerror(err,tmp,sizeof(tmp));
+					error_strerror(err,tmp,sizeof(tmp)-1);
 					belle_sip_error("Channel [%p] cannot ssl_set_own_cert_rsa [%s]",channel,tmp);
 				}

@@ -359,16 +358,14 @@ belle_sip_channel_t * belle_sip_channel_new_tls(belle_sip_tls_listening_point_t
 	return (belle_sip_channel_t*)obj;
 }

-void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
-	belle_sip_tls_channel_t* channel = (belle_sip_tls_channel_t*)obj;
-	belle_sip_object_ref(cert_chain);
+void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_tls_channel_t *channel, belle_sip_certificates_chain_t* cert_chain) {
+	if (cert_chain) belle_sip_object_ref(cert_chain);
 	if (channel->client_cert_chain) belle_sip_object_unref(channel->client_cert_chain);
 	channel->client_cert_chain=cert_chain;

 }
-void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key) {
-	belle_sip_tls_channel_t* channel = (belle_sip_tls_channel_t*)obj;
-	belle_sip_object_ref(key);
+void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *channel, belle_sip_signing_key_t* key){
+	if (key) belle_sip_object_ref(key);
 	if (channel->client_cert_key) belle_sip_object_unref(channel->client_cert_key);
 	channel->client_cert_key=key;

@@ -376,10 +373,10 @@ void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj,


 #else /*HAVE_POLLAR_SSL*/
-void belle_sip_tls_channel_set_client_certificates_chain(belle_sip_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
+void belle_sip_tls_channel_set_client_certificates_chain(belle_sibelle_sip_tls_channel_tp_channel_t *obj, belle_sip_certificates_chain_t* cert_chain) {
 	belle_sip_error("belle_sip_channel_set_client_certificate_chain requires TLS");
 }
-void belle_sip_tls_channel_set_client_certificate_key(belle_sip_channel_t *obj, belle_sip_signing_key_t* key) {
+void belle_sip_tls_channel_set_client_certificate_key(belle_sip_tls_channel_t *obj, belle_sip_signing_key_t* key) {
 	belle_sip_error("belle_sip_channel_set_client_certificate_key requires TLS");
 }
 #endif