1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
|
From 106937d394fe3b8edbfb506273ae429d7ded2c2c Mon Sep 17 00:00:00 2001
From: Philip Withnall <philip.withnall@collabora.co.uk>
Date: Tue, 20 Sep 2016 17:04:33 -0700
Subject: core: Assert that all downloads, uploads and queries are HTTPS
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
All callers should be using HTTPS already — for peace of mind, let’s
assert that’s the case.
---
gdata/gdata-download-stream.c | 7 ++++---
gdata/gdata-service.c | 4 +++-
gdata/gdata-upload-stream.c | 10 ++++++++--
gdata/tests/general.c | 6 +++---
gdata/tests/streams.c | 26 ++++++++++++++++++++------
5 files changed, 38 insertions(+), 15 deletions(-)
diff --git a/gdata/gdata-download-stream.c b/gdata/gdata-download-stream.c
index 67a3514..7613fd2 100644
--- a/gdata/gdata-download-stream.c
+++ b/gdata/gdata-download-stream.c
@@ -233,7 +233,7 @@ gdata_download_stream_class_init (GDataDownloadStreamClass *klass)
/**
* GDataDownloadStream:download-uri:
*
- * The URI of the file to download.
+ * The URI of the file to download. This must be HTTPS.
*
* Since: 0.5.0
**/
@@ -355,9 +355,10 @@ gdata_download_stream_constructor (GType type, guint n_construct_params, GObject
priv->cancellable = g_cancellable_new ();
priv->network_cancellable_id = g_cancellable_connect (priv->cancellable, (GCallback) cancellable_cancel_cb, priv->network_cancellable, NULL);
- /* Build the message */
+ /* Build the message. The URI must be HTTPS. */
_uri = soup_uri_new (priv->download_uri);
soup_uri_set_port (_uri, _gdata_service_get_https_port ());
+ g_assert_cmpstr (soup_uri_get_scheme (_uri), ==, SOUP_URI_SCHEME_HTTPS);
priv->message = soup_message_new_from_uri (SOUP_METHOD_GET, _uri);
soup_uri_free (_uri);
@@ -928,7 +929,7 @@ reset_network_thread (GDataDownloadStream *self)
* gdata_download_stream_new:
* @service: a #GDataService
* @domain: (allow-none): the #GDataAuthorizationDomain to authorize the download, or %NULL
- * @download_uri: the URI to download
+ * @download_uri: the URI to download; this must be HTTPS
* @cancellable: (allow-none): a #GCancellable for the entire download stream, or %NULL
*
* Creates a new #GDataDownloadStream, allowing a file to be downloaded from a GData service using standard #GInputStream API.
diff --git a/gdata/gdata-service.c b/gdata/gdata-service.c
index 2433339..9db75ba 100644
--- a/gdata/gdata-service.c
+++ b/gdata/gdata-service.c
@@ -581,9 +581,11 @@ _gdata_service_build_message (GDataService *self, GDataAuthorizationDomain *doma
GDataServiceClass *klass;
SoupURI *_uri;
- /* Create the message. Allow changing the HTTPS port just for testing. */
+ /* Create the message. Allow changing the HTTPS port just for testing,
+ * but require that the URI is always HTTPS for privacy. */
_uri = soup_uri_new (uri);
soup_uri_set_port (_uri, _gdata_service_get_https_port ());
+ g_assert_cmpstr (soup_uri_get_scheme (_uri), ==, SOUP_URI_SCHEME_HTTPS);
message = soup_message_new_from_uri (method, _uri);
soup_uri_free (_uri);
diff --git a/gdata/gdata-upload-stream.c b/gdata/gdata-upload-stream.c
index bb52ac8..c8340be 100644
--- a/gdata/gdata-upload-stream.c
+++ b/gdata/gdata-upload-stream.c
@@ -307,7 +307,7 @@ gdata_upload_stream_class_init (GDataUploadStreamClass *klass)
/**
* GDataUploadStream:upload-uri:
*
- * The URI to upload the data and metadata to.
+ * The URI to upload the data and metadata to. This must be HTTPS.
*
* Since: 0.5.0
**/
@@ -428,11 +428,17 @@ gdata_upload_stream_constructed (GObject *object)
{
GDataUploadStreamPrivate *priv;
GDataServiceClass *service_klass;
+ SoupURI *uri = NULL;
/* Chain up to the parent class */
G_OBJECT_CLASS (gdata_upload_stream_parent_class)->constructed (object);
priv = GDATA_UPLOAD_STREAM (object)->priv;
+ /* The upload URI must be HTTPS. */
+ uri = soup_uri_new (priv->upload_uri);
+ g_assert_cmpstr (soup_uri_get_scheme (uri), ==, SOUP_URI_SCHEME_HTTPS);
+ soup_uri_free (uri);
+
/* Create a #GCancellable for the entire upload operation if one wasn't specified for #GDataUploadStream:cancellable during construction */
if (priv->cancellable == NULL)
priv->cancellable = g_cancellable_new ();
@@ -1300,7 +1306,7 @@ create_network_thread (GDataUploadStream *self, GError **error)
* @service: a #GDataService
* @domain: (allow-none): the #GDataAuthorizationDomain to authorize the upload, or %NULL
* @method: the HTTP method to use
- * @upload_uri: the URI to upload
+ * @upload_uri: the URI to upload, which must be HTTPS
* @entry: (allow-none): the entry to upload as metadata, or %NULL
* @slug: the file's slug (filename)
* @content_type: the content type of the file being uploaded
diff --git a/gdata/tests/general.c b/gdata/tests/general.c
index 070d34c..2420629 100644
--- a/gdata/tests/general.c
+++ b/gdata/tests/general.c
@@ -1425,7 +1425,7 @@ test_service_network_error (void)
service = g_object_new (GDATA_TYPE_SERVICE, NULL);
/* Try a query which should always fail due to errors resolving the hostname */
- g_assert (gdata_service_query (service, NULL, "http://thisshouldnotexist.invalid", NULL, GDATA_TYPE_ENTRY,
+ g_assert (gdata_service_query (service, NULL, "https://thisshouldnotexist.invalid", NULL, GDATA_TYPE_ENTRY,
NULL, NULL, NULL, &error) == NULL);
g_assert_error (error, GDATA_SERVICE_ERROR, GDATA_SERVICE_ERROR_NETWORK_ERROR);
g_clear_error (&error);
@@ -1434,11 +1434,11 @@ test_service_network_error (void)
* Filed as bgo#632354. */
#if 0
/* Try one with a bad proxy set */
- proxy_uri = soup_uri_new ("http://thisshouldalsonotexist.invalid/proxy");
+ proxy_uri = soup_uri_new ("https://thisshouldalsonotexist.invalid/proxy");
gdata_service_set_proxy_uri (service, proxy_uri);
soup_uri_free (proxy_uri);
- g_assert (gdata_service_query (service, "http://google.com", NULL, GDATA_TYPE_ENTRY, NULL, NULL, NULL, &error) == NULL);
+ g_assert (gdata_service_query (service, "https://google.com", NULL, GDATA_TYPE_ENTRY, NULL, NULL, NULL, &error) == NULL);
g_assert_error (error, GDATA_SERVICE_ERROR, GDATA_SERVICE_ERROR_PROXY_ERROR);
g_clear_error (&error);
#endif
diff --git a/gdata/tests/streams.c b/gdata/tests/streams.c
index 91b35c6..1de8e50 100644
--- a/gdata/tests/streams.c
+++ b/gdata/tests/streams.c
@@ -161,6 +161,7 @@ create_server (SoupServerCallback callback, gpointer user_data, GMainLoop **main
GMainContext *context;
SoupServer *server;
#ifdef HAVE_LIBSOUP_2_47_3
+ gchar *cert_path = NULL, *key_path = NULL;
GError *error = NULL;
#else /* if !HAVE_LIBSOUP_2_47_3 */
union {
@@ -178,12 +179,21 @@ create_server (SoupServerCallback callback, gpointer user_data, GMainLoop **main
#ifdef HAVE_LIBSOUP_2_47_3
server = soup_server_new (NULL, NULL);
+ cert_path = g_test_build_filename (G_TEST_DIST, "cert.pem", NULL);
+ key_path = g_test_build_filename (G_TEST_DIST, "key.pem", NULL);
+
+ soup_server_set_ssl_cert_file (server, cert_path, key_path, &error);
+ g_assert_no_error (error);
+
+ g_free (key_path);
+ g_free (cert_path);
+
soup_server_add_handler (server, NULL, callback, user_data, NULL);
g_main_context_push_thread_default (context);
soup_server_listen_local (server, 0 /* random port */,
- 0 /* no options */, &error);
+ SOUP_SERVER_LISTEN_HTTPS, &error);
g_assert_no_error (error);
g_main_context_pop_thread_default (context);
@@ -216,20 +226,24 @@ build_server_uri (SoupServer *server)
{
#ifdef HAVE_LIBSOUP_2_47_3
GSList *uris; /* owned */
+ GSList *l; /* unowned */
gchar *retval = NULL; /* owned */
uris = soup_server_get_uris (server);
- if (uris == NULL) {
- return NULL;
- }
- retval = soup_uri_to_string (uris->data, FALSE);
+ for (l = uris; l != NULL && retval == NULL; l = l->next) {
+ if (soup_uri_get_scheme (l->data) == SOUP_URI_SCHEME_HTTPS) {
+ retval = soup_uri_to_string (l->data, FALSE);
+ }
+ }
g_slist_free_full (uris, (GDestroyNotify) soup_uri_free);
+ g_assert (retval != NULL);
+
return retval;
#else /* if !HAVE_LIBSOUP_2_47_3 */
- return g_strdup_printf ("http://%s:%u/",
+ return g_strdup_printf ("https://%s:%u/",
soup_address_get_physical (soup_socket_get_local_address (soup_server_get_listener (server))),
soup_server_get_port (server));
#endif /* !HAVE_LIBSOUP_2_47_3 */
--
cgit v0.12
|
GitWeb