pidgin.yaz: libpurple/certificate.c annotate

annotate libpurple/certificate.c @ 28356:aa098151ca49

applied changes from c55cc517cc0bc09b677222a63f5f466531033719 through 51ea62d1cdee93a0f6ab96f22d28cbe07ea5d13b Plucked revision 51ea62d1cdee93a0f6ab96f22d28cbe07ea5d13b from im.pidgin.pidgin.2.6.1 Original commit message: Make sure configure checks for glib and gtk 2.4.0, since that's what is needed to compile. We took a small vote on IRC or in the jabber room and we all thought it would be fine to do this rather than try to make stuff work. We'll see how it goes.

author	Mark Doliner <mark@kingant.net>
date	Wed, 19 Aug 2009 07:39:52 +0000
parents	35f3a79045a6
children	b341ae89f5ce

rev	line source
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	1 /**
19075 a0138be8d725 - Typo fix William Ehlhardt <williamehlhardt@gmail.com> parents: 19067 diff changeset	2 * @file certificate.c Public-Key Certificate API
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	3 * @ingroup core
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	4 */
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	5
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	6 /*
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	7 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	8 * purple
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	9 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	10 * Purple is the legal property of its developers, whose names are too numerous
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	11 * to list here. Please refer to the COPYRIGHT file distributed with this
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	12 * source distribution.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	13 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	14 * This program is free software; you can redistribute it and/or modify
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	15 * it under the terms of the GNU General Public License as published by
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	16 * the Free Software Foundation; either version 2 of the License, or
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	17 * (at your option) any later version.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	18 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	19 * This program is distributed in the hope that it will be useful,
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	22 * GNU General Public License for more details.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	23 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	24 * You should have received a copy of the GNU General Public License
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	25 * along with this program; if not, write to the Free Software
19680 44b4e8bd759b The FSF changed its address a while ago; our files were out of date. John Bailey <rekkanoryo@rekkanoryo.org> parents: 19648 diff changeset	26 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	27 */
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	28
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	29 #include <glib.h>
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	30
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	31 #include "internal.h"
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	32 #include "certificate.h"
19517 7bea9c9fd2a5 (Un)Register the pools with DBus to avoid a runtime fit. Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19515 diff changeset	33 #include "dbus-maybe.h"
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	34 #include "debug.h"
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	35 #include "request.h"
19044 602295db8e6b - Register the certificate-stored and certificate-deleted signals William Ehlhardt <williamehlhardt@gmail.com> parents: 19034 diff changeset	36 #include "signals.h"
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	37 #include "util.h"
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	38
668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	39 /** List holding pointers to all registered certificate schemes */
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	40 static GList *cert_schemes = NULL;
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	41 /** List of registered Verifiers */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	42 static GList *cert_verifiers = NULL;
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	43 /** List of registered Pools */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	44 static GList *cert_pools = NULL;
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	45
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	46 void
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	47 purple_certificate_verify (PurpleCertificateVerifier *verifier,
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	48 const gchar subject_name, GList cert_chain,
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	49 PurpleCertificateVerifiedCallback cb,
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	50 gpointer cb_data)
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	51 {
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	52 PurpleCertificateVerificationRequest *vrq;
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	53 PurpleCertificateScheme *scheme;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	54
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	55 g_return_if_fail(subject_name != NULL);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	56 /* If you don't have a cert to check, why are you requesting that it
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	57 be verified? */
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	58 g_return_if_fail(cert_chain != NULL);
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	59 g_return_if_fail(cb != NULL);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	60
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	61 /* Look up the CertificateScheme */
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	62 scheme = purple_certificate_find_scheme(verifier->scheme_name);
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	63 g_return_if_fail(scheme);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	64
18943 c519ff185569 - purple_certificate_verify attempts to check that the cert chain is of William Ehlhardt <williamehlhardt@gmail.com> parents: 18942 diff changeset	65 /* Check that at least the first cert in the chain matches the
c519ff185569 - purple_certificate_verify attempts to check that the cert chain is of William Ehlhardt <williamehlhardt@gmail.com> parents: 18942 diff changeset	66 Verifier scheme */
18960 6831c126bcf3 - Fixed an inverted assertion William Ehlhardt <williamehlhardt@gmail.com> parents: 18957 diff changeset	67 g_return_if_fail(scheme ==
18943 c519ff185569 - purple_certificate_verify attempts to check that the cert chain is of William Ehlhardt <williamehlhardt@gmail.com> parents: 18942 diff changeset	68 ((PurpleCertificate *) (cert_chain->data))->scheme);
c519ff185569 - purple_certificate_verify attempts to check that the cert chain is of William Ehlhardt <williamehlhardt@gmail.com> parents: 18942 diff changeset	69
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	70 /* Construct and fill in the request fields */
18949 8902f0d7e40f - Use g_new0 instead of g_new William Ehlhardt <williamehlhardt@gmail.com> parents: 18947 diff changeset	71 vrq = g_new0(PurpleCertificateVerificationRequest, 1);
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	72 vrq->verifier = verifier;
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	73 vrq->scheme = scheme;
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	74 vrq->subject_name = g_strdup(subject_name);
19021 fcca10d0ac7d - purple_certificate_verify no longer takes possession of the William Ehlhardt <williamehlhardt@gmail.com> parents: 19020 diff changeset	75 vrq->cert_chain = purple_certificate_copy_list(cert_chain);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	76 vrq->cb = cb;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	77 vrq->cb_data = cb_data;
18942 02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	78
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	79 /* Initiate verification */
02102eccc4be - purple_certificate_verify now takes a Verifier argument, creates its William Ehlhardt <williamehlhardt@gmail.com> parents: 18941 diff changeset	80 (verifier->start_verification)(vrq);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	81 }
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	82
18946 617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	83 void
19088 f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	84 purple_certificate_verify_complete(PurpleCertificateVerificationRequest *vrq,
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	85 PurpleCertificateVerificationStatus st)
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	86 {
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	87 PurpleCertificateVerifier *vr;
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	88
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	89 g_return_if_fail(vrq);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	90
20747 17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	91 if (st == PURPLE_CERTIFICATE_VALID) {
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	92 purple_debug_info("certificate",
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	93 "Successfully verified certificate for %s\n",
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	94 vrq->subject_name);
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	95 } else {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	96 purple_debug_error("certificate",
20747 17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	97 "Failed to verify certificate for %s\n",
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	98 vrq->subject_name);
17e605dd2de1 - Debugging babble in purple_verify_complete to tell final verification William Ehlhardt <williamehlhardt@gmail.com> parents: 20746 diff changeset	99 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	100
19088 f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	101 /* Pass the results on to the request's callback */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	102 (vrq->cb)(st, vrq->cb_data);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	103
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	104 /* And now to eliminate the request */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	105 /* Fetch the Verifier responsible... */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	106 vr = vrq->verifier;
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	107 /* ...and order it to KILL */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	108 (vr->destroy_request)(vrq);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	109
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	110 /* Now the internals have been cleaned up, so clean up the libpurple-
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	111 created elements */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	112 g_free(vrq->subject_name);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	113 purple_certificate_destroy_list(vrq->cert_chain);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	114
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	115 /* A structure born
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	116 * to much ado
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	117 * and with so much within.
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	118 * It reaches now
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	119 * its quiet end. */
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	120 g_free(vrq);
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	121 }
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	122
f5802217844d - Add verify_complete, which should deprecate verify_destroy William Ehlhardt <williamehlhardt@gmail.com> parents: 19086 diff changeset	123
19018 d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	124 PurpleCertificate *
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	125 purple_certificate_copy(PurpleCertificate *crt)
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	126 {
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	127 g_return_val_if_fail(crt, NULL);
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	128 g_return_val_if_fail(crt->scheme, NULL);
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	129 g_return_val_if_fail(crt->scheme->copy_certificate, NULL);
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	130
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	131 return (crt->scheme->copy_certificate)(crt);
d6f902265076 - Add purple_certificate_copy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19014 diff changeset	132 }
18947 3c6bf77bf7c4 - Add purple_certificate_verify_destroy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 18946 diff changeset	133
19020 d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	134 GList *
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	135 purple_certificate_copy_list(GList *crt_list)
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	136 {
24212 e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	137 GList new_l, l;
19020 d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	138
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	139 /* First, make a shallow copy of the list */
24212 e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	140 new_l = g_list_copy(crt_list);
19020 d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	141
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	142 /* Now go through and actually duplicate each certificate */
24212 e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	143 for (l = new_l; l; l = l->next) {
19020 d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	144 l->data = purple_certificate_copy(l->data);
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	145 }
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	146
24212 e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	147 return new_l;
19020 d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	148 }
d69355001a6e - Add purple_certificate_copy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 19018 diff changeset	149
18947 3c6bf77bf7c4 - Add purple_certificate_verify_destroy and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 18946 diff changeset	150 void
18946 617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	151 purple_certificate_destroy (PurpleCertificate *crt)
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	152 {
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	153 PurpleCertificateScheme *scheme;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	154
18946 617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	155 if (NULL == crt) return;
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	156
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	157 scheme = crt->scheme;
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	158
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	159 (scheme->destroy_certificate)(crt);
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	160 }
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	161
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	162 void
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	163 purple_certificate_destroy_list (GList * crt_list)
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	164 {
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	165 PurpleCertificate *crt;
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	166 GList *l;
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	167
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	168 for (l=crt_list; l; l = l->next) {
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	169 crt = (PurpleCertificate *) l->data;
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	170 purple_certificate_destroy(crt);
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	171 }
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	172
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	173 g_list_free(crt_list);
617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	174 }
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	175
19076 daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	176 gboolean
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	177 purple_certificate_signed_by(PurpleCertificate crt, PurpleCertificate issuer)
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	178 {
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	179 PurpleCertificateScheme *scheme;
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	180
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	181 g_return_val_if_fail(crt, FALSE);
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	182 g_return_val_if_fail(issuer, FALSE);
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	183
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	184 scheme = crt->scheme;
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	185 g_return_val_if_fail(scheme, FALSE);
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	186 /* We can't compare two certs of unrelated schemes, obviously */
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	187 g_return_val_if_fail(issuer->scheme == scheme, FALSE);
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	188
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	189 return (scheme->signed_by)(crt, issuer);
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	190 }
daa68185a018 - Add purple_certificate_signed_by William Ehlhardt <williamehlhardt@gmail.com> parents: 19075 diff changeset	191
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	192 gboolean
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	193 purple_certificate_check_signature_chain_with_failing(GList *chain,
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	194 PurpleCertificate **failing)
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	195 {
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	196 GList *cur;
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	197 PurpleCertificate crt, issuer;
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	198 gchar *uid;
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	199 time_t now, activation, expiration;
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	200 gboolean ret;
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	201
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	202 g_return_val_if_fail(chain, FALSE);
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	203
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	204 if (failing)
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	205 *failing = NULL;
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	206
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	207 uid = purple_certificate_get_unique_id((PurpleCertificate *) chain->data);
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	208 purple_debug_info("certificate",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	209 "Checking signature chain for uid=%s\n",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	210 uid);
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	211 g_free(uid);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	212
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	213 /* If this is a single-certificate chain, say that it is valid */
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	214 if (chain->next == NULL) {
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	215 purple_debug_info("certificate",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	216 "...Singleton. We'll say it's valid.\n");
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	217 return TRUE;
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	218 }
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	219
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	220 now = time(NULL);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	221
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	222 /* Load crt with the first certificate */
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	223 crt = (PurpleCertificate *)(chain->data);
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	224 /* And start with the second certificate in the chain */
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	225 for ( cur = chain->next; cur; cur = cur->next ) {
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	226
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	227 issuer = (PurpleCertificate *)(cur->data);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	228
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	229 uid = purple_certificate_get_unique_id(issuer);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	230
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	231 ret = purple_certificate_get_times(issuer, &activation, &expiration);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	232 if (!ret \|\| now < activation \|\| now > expiration) {
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	233 if (!ret)
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	234 purple_debug_error("certificate",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	235 "...Failed to get validity times for certificate %s\n"
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	236 "Chain is INVALID\n", uid);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	237 else if (now > expiration)
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	238 purple_debug_error("certificate",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	239 "...Issuer %s expired at %s\nChain is INVALID\n",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	240 uid, ctime(&expiration));
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	241 else
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	242 purple_debug_error("certificate",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	243 "...Not-yet-activated issuer %s will be valid at %s\n"
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	244 "Chain is INVALID\n", uid, ctime(&activation));
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	245
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	246 if (failing)
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	247 *failing = crt;
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	248
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	249 g_free(uid);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	250 return FALSE;
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	251 }
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	252
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	253 /* Check the signature for this link */
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	254 if (! purple_certificate_signed_by(crt, issuer) ) {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	255 purple_debug_error("certificate",
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	256 "...Bad or missing signature by %s\nChain is INVALID\n",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	257 uid);
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	258 g_free(uid);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	259
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	260 if (failing)
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	261 *failing = crt;
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	262
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	263 return FALSE;
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	264 }
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	265
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	266 purple_debug_info("certificate",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	267 "...Good signature by %s\n",
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	268 uid);
bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	269 g_free(uid);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	270
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	271 /* The issuer is now the next crt whose signature is to be
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	272 checked */
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	273 crt = issuer;
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	274 }
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	275
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	276 /* If control reaches this point, the chain is valid */
19081 bdd8911d5031 - Add debugging babble to check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19080 diff changeset	277 purple_debug_info("certificate", "Chain is VALID\n");
19077 8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	278 return TRUE;
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	279 }
8275c3cbc9da - Add purple_certificate_check_signature_chain William Ehlhardt <williamehlhardt@gmail.com> parents: 19076 diff changeset	280
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	281 gboolean
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	282 purple_certificate_check_signature_chain(GList *chain)
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	283 {
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	284 return purple_certificate_check_signature_chain_with_failing(chain, NULL);
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	285 }
99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	286
18988 4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	287 PurpleCertificate *
18989 43d1ee6a3ed5 - Fixed naming issues in previous revision William Ehlhardt <williamehlhardt@gmail.com> parents: 18988 diff changeset	288 purple_certificate_import(PurpleCertificateScheme scheme, const gchar filename)
18988 4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	289 {
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	290 g_return_val_if_fail(scheme, NULL);
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	291 g_return_val_if_fail(scheme->import_certificate, NULL);
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	292 g_return_val_if_fail(filename, NULL);
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	293
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	294 return (scheme->import_certificate)(filename);
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	295 }
4189fc3befba - Add purple_certificate_import William Ehlhardt <williamehlhardt@gmail.com> parents: 18987 diff changeset	296
18977 31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	297 gboolean
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	298 purple_certificate_export(const gchar filename, PurpleCertificate crt)
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	299 {
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	300 PurpleCertificateScheme *scheme;
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	301
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	302 g_return_val_if_fail(filename, FALSE);
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	303 g_return_val_if_fail(crt, FALSE);
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	304 g_return_val_if_fail(crt->scheme, FALSE);
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	305
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	306 scheme = crt->scheme;
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	307 g_return_val_if_fail(scheme->export_certificate, FALSE);
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	308
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	309 return (scheme->export_certificate)(filename, crt);
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	310 }
31bdbb82de7e - Add purple_certificate_export and associated libpurple stuff William Ehlhardt <williamehlhardt@gmail.com> parents: 18976 diff changeset	311
27997 4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	312 static gboolean
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	313 byte_arrays_equal(const GByteArray array1, const GByteArray array2)
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	314 {
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	315 g_return_val_if_fail(array1 != NULL, FALSE);
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	316 g_return_val_if_fail(array2 != NULL, FALSE);
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	317
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	318 return (array1->len == array2->len) &&
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	319 (0 == memcmp(array1->data, array2->data, array1->len));
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	320 }
4c5f35f2b1ff A better solution for verifying certificate chains with NSS 3.12.3. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	321
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	322 GByteArray *
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	323 purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt)
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	324 {
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	325 PurpleCertificateScheme *scheme;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	326 GByteArray *fpr;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	327
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	328 g_return_val_if_fail(crt, NULL);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	329 g_return_val_if_fail(crt->scheme, NULL);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	330
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	331 scheme = crt->scheme;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	332
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	333 g_return_val_if_fail(scheme->get_fingerprint_sha1, NULL);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	334
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	335 fpr = (scheme->get_fingerprint_sha1)(crt);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	336
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	337 return fpr;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	338 }
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	339
18962 fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	340 gchar *
19080 3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	341 purple_certificate_get_unique_id(PurpleCertificate *crt)
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	342 {
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	343 g_return_val_if_fail(crt, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	344 g_return_val_if_fail(crt->scheme, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	345 g_return_val_if_fail(crt->scheme->get_unique_id, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	346
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	347 return (crt->scheme->get_unique_id)(crt);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	348 }
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	349
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	350 gchar *
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	351 purple_certificate_get_issuer_unique_id(PurpleCertificate *crt)
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	352 {
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	353 g_return_val_if_fail(crt, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	354 g_return_val_if_fail(crt->scheme, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	355 g_return_val_if_fail(crt->scheme->get_issuer_unique_id, NULL);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	356
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	357 return (crt->scheme->get_issuer_unique_id)(crt);
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	358 }
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	359
3bdede51c007 - Expose get_unique_id and get_issuer_unique_id through libpurple functions William Ehlhardt <williamehlhardt@gmail.com> parents: 19078 diff changeset	360 gchar *
18962 fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	361 purple_certificate_get_subject_name(PurpleCertificate *crt)
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	362 {
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	363 PurpleCertificateScheme *scheme;
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	364 gchar *subject_name;
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	365
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	366 g_return_val_if_fail(crt, NULL);
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	367 g_return_val_if_fail(crt->scheme, NULL);
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	368
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	369 scheme = crt->scheme;
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	370
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	371 g_return_val_if_fail(scheme->get_subject_name, NULL);
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	372
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	373 subject_name = (scheme->get_subject_name)(crt);
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	374
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	375 return subject_name;
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	376 }
fcd05c39803e - Add purple_certificate_get_subject_name and associated libpurple William Ehlhardt <williamehlhardt@gmail.com> parents: 18960 diff changeset	377
19008 7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	378 gboolean
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	379 purple_certificate_check_subject_name(PurpleCertificate crt, const gchar name)
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	380 {
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	381 PurpleCertificateScheme *scheme;
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	382
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	383 g_return_val_if_fail(crt, FALSE);
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	384 g_return_val_if_fail(crt->scheme, FALSE);
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	385 g_return_val_if_fail(name, FALSE);
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	386
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	387 scheme = crt->scheme;
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	388
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	389 g_return_val_if_fail(scheme->check_subject_name, FALSE);
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	390
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	391 return (scheme->check_subject_name)(crt, name);
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	392 }
7fd9bd55f8d0 - Add certificate_check_subject_name and associated machinery William Ehlhardt <williamehlhardt@gmail.com> parents: 19001 diff changeset	393
19012 b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	394 gboolean
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	395 purple_certificate_get_times(PurpleCertificate crt, time_t activation, time_t *expiration)
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	396 {
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	397 PurpleCertificateScheme *scheme;
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	398
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	399 g_return_val_if_fail(crt, FALSE);
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	400
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	401 scheme = crt->scheme;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	402
19012 b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	403 g_return_val_if_fail(scheme, FALSE);
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	404
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	405 /* If both provided references are NULL, what are you doing calling
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	406 this? */
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	407 g_return_val_if_fail( (activation != NULL) \|\| (expiration != NULL), FALSE);
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	408
19067 6c0aad79c4c5 - Change the internal structure of activation/expiration times to match William Ehlhardt <williamehlhardt@gmail.com> parents: 19063 diff changeset	409 /* Throw the request on down to the certscheme */
6c0aad79c4c5 - Change the internal structure of activation/expiration times to match William Ehlhardt <williamehlhardt@gmail.com> parents: 19063 diff changeset	410 return (scheme->get_times)(crt, activation, expiration);
19012 b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	411 }
b1090cbfc286 - Add expiration/activation functions for Certificates William Ehlhardt <williamehlhardt@gmail.com> parents: 19010 diff changeset	412
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	413 gchar *
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	414 purple_certificate_pool_mkpath(PurpleCertificatePool pool, const gchar id)
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	415 {
19010 0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	416 gchar *path;
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	417 gchar esc_scheme_name, esc_name, *esc_id;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	418
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	419 g_return_val_if_fail(pool, NULL);
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	420 g_return_val_if_fail(pool->scheme_name, NULL);
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	421 g_return_val_if_fail(pool->name, NULL);
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	422
19010 0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	423 /* Escape all the elements for filesystem-friendliness */
19033 6b4e874e47c1 - Handle NULLs given to certificate_pool_mkpath without causing errors William Ehlhardt <williamehlhardt@gmail.com> parents: 19027 diff changeset	424 esc_scheme_name = pool ? g_strdup(purple_escape_filename(pool->scheme_name)) : NULL;
6b4e874e47c1 - Handle NULLs given to certificate_pool_mkpath without causing errors William Ehlhardt <williamehlhardt@gmail.com> parents: 19027 diff changeset	425 esc_name = pool ? g_strdup(purple_escape_filename(pool->name)) : NULL;
6b4e874e47c1 - Handle NULLs given to certificate_pool_mkpath without causing errors William Ehlhardt <williamehlhardt@gmail.com> parents: 19027 diff changeset	426 esc_id = id ? g_strdup(purple_escape_filename(id)) : NULL;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	427
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	428 path = g_build_filename(purple_user_dir(),
18986 dfd9f883b774 - Correct the certstore folder paths William Ehlhardt <williamehlhardt@gmail.com> parents: 18985 diff changeset	429 "certificates", /* TODO: constantize this? */
19010 0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	430 esc_scheme_name,
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	431 esc_name,
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	432 esc_id,
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	433 NULL);
19009 b64aa0222a7a - pool_mkpath now runs purple_escape_filename on its return value William Ehlhardt <williamehlhardt@gmail.com> parents: 19008 diff changeset	434
19010 0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	435 g_free(esc_scheme_name);
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	436 g_free(esc_name);
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	437 g_free(esc_id);
0d4b84820390 - Fix overzealous escaping cause by ancestor revision William Ehlhardt <williamehlhardt@gmail.com> parents: 19009 diff changeset	438 return path;
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	439 }
2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	440
18995 47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	441 gboolean
19034 8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	442 purple_certificate_pool_usable(PurpleCertificatePool *pool)
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	443 {
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	444 g_return_val_if_fail(pool, FALSE);
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	445 g_return_val_if_fail(pool->scheme_name, FALSE);
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	446
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	447 /* Check that the pool's scheme is loaded */
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	448 if (purple_certificate_find_scheme(pool->scheme_name) == NULL) {
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	449 return FALSE;
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	450 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	451
19034 8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	452 return TRUE;
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	453 }
8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	454
19060 c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	455 PurpleCertificateScheme *
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	456 purple_certificate_pool_get_scheme(PurpleCertificatePool *pool)
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	457 {
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	458 g_return_val_if_fail(pool, NULL);
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	459 g_return_val_if_fail(pool->scheme_name, NULL);
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	460
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	461 return purple_certificate_find_scheme(pool->scheme_name);
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	462 }
c79b54f03f9d - Add purple_certificate_pool_get_scheme helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 19050 diff changeset	463
19034 8b627694bf4a - Add purple_certificate_pool_usable to check whether a pool's William Ehlhardt <williamehlhardt@gmail.com> parents: 19033 diff changeset	464 gboolean
18995 47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	465 purple_certificate_pool_contains(PurpleCertificatePool pool, const gchar id)
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	466 {
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	467 g_return_val_if_fail(pool, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	468 g_return_val_if_fail(id, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	469 g_return_val_if_fail(pool->cert_in_pool, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	470
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	471 return (pool->cert_in_pool)(id);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	472 }
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	473
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	474 PurpleCertificate *
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	475 purple_certificate_pool_retrieve(PurpleCertificatePool pool, const gchar id)
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	476 {
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	477 g_return_val_if_fail(pool, NULL);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	478 g_return_val_if_fail(id, NULL);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	479 g_return_val_if_fail(pool->get_cert, NULL);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	480
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	481 return (pool->get_cert)(id);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	482 }
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	483
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	484 gboolean
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	485 purple_certificate_pool_store(PurpleCertificatePool pool, const gchar id, PurpleCertificate *crt)
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	486 {
19046 8599a27ad69c - Emit certificate-stored signal in purple_certificate_pool_store William Ehlhardt <williamehlhardt@gmail.com> parents: 19044 diff changeset	487 gboolean ret = FALSE;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	488
18995 47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	489 g_return_val_if_fail(pool, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	490 g_return_val_if_fail(id, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	491 g_return_val_if_fail(pool->put_cert, FALSE);
47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	492
18996 24fc5ca67afc - Do some weak checking to ensure that you don't attempt to store a William Ehlhardt <williamehlhardt@gmail.com> parents: 18995 diff changeset	493 /* Whether crt->scheme matches find_scheme(pool->scheme_name) is not
24fc5ca67afc - Do some weak checking to ensure that you don't attempt to store a William Ehlhardt <williamehlhardt@gmail.com> parents: 18995 diff changeset	494 relevant... I think... */
24fc5ca67afc - Do some weak checking to ensure that you don't attempt to store a William Ehlhardt <williamehlhardt@gmail.com> parents: 18995 diff changeset	495 g_return_val_if_fail(
24fc5ca67afc - Do some weak checking to ensure that you don't attempt to store a William Ehlhardt <williamehlhardt@gmail.com> parents: 18995 diff changeset	496 g_ascii_strcasecmp(pool->scheme_name, crt->scheme->name) == 0,
24fc5ca67afc - Do some weak checking to ensure that you don't attempt to store a William Ehlhardt <williamehlhardt@gmail.com> parents: 18995 diff changeset	497 FALSE);
18995 47b06daea9d1 - Add pool retrieve, contains, and store functions to certificate API William Ehlhardt <williamehlhardt@gmail.com> parents: 18993 diff changeset	498
19046 8599a27ad69c - Emit certificate-stored signal in purple_certificate_pool_store William Ehlhardt <williamehlhardt@gmail.com> parents: 19044 diff changeset	499 ret = (pool->put_cert)(id, crt);
8599a27ad69c - Emit certificate-stored signal in purple_certificate_pool_store William Ehlhardt <williamehlhardt@gmail.com> parents: 19044 diff changeset	500
19050 c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	501 /* Signal that the certificate was stored if success*/
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	502 if (ret) {
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	503 purple_signal_emit(pool, "certificate-stored",
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	504 pool, id);
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	505 }
19046 8599a27ad69c - Emit certificate-stored signal in purple_certificate_pool_store William Ehlhardt <williamehlhardt@gmail.com> parents: 19044 diff changeset	506
8599a27ad69c - Emit certificate-stored signal in purple_certificate_pool_store William Ehlhardt <williamehlhardt@gmail.com> parents: 19044 diff changeset	507 return ret;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	508 }
18984 2b4150624cf2 - Add purple_certificate_pool_mkpath helper function William Ehlhardt <williamehlhardt@gmail.com> parents: 18982 diff changeset	509
19049 8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	510 gboolean
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	511 purple_certificate_pool_delete(PurpleCertificatePool pool, const gchar id)
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	512 {
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	513 gboolean ret = FALSE;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	514
19049 8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	515 g_return_val_if_fail(pool, FALSE);
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	516 g_return_val_if_fail(id, FALSE);
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	517 g_return_val_if_fail(pool->delete_cert, FALSE);
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	518
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	519 ret = (pool->delete_cert)(id);
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	520
19050 c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	521 /* Signal that the certificate was deleted if success */
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	522 if (ret) {
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	523 purple_signal_emit(pool, "certificate-deleted",
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	524 pool, id);
c563b8f84aa0 - Only emit certificate-stored and certificate-deleted if the operation William Ehlhardt <williamehlhardt@gmail.com> parents: 19049 diff changeset	525 }
19049 8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	526
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	527 return ret;
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	528 }
8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	529
19026 b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	530 GList *
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	531 purple_certificate_pool_get_idlist(PurpleCertificatePool *pool)
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	532 {
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	533 g_return_val_if_fail(pool, NULL);
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	534 g_return_val_if_fail(pool->get_idlist, NULL);
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	535
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	536 return (pool->get_idlist)();
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	537 }
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	538
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	539 void
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	540 purple_certificate_pool_destroy_idlist(GList *idlist)
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	541 {
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	542 GList *l;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	543
19026 b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	544 /* Iterate through and free them strings */
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	545 for ( l = idlist; l; l = l->next ) {
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	546 g_free(l->data);
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	547 }
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	548
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	549 g_list_free(idlist);
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	550 }
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	551
b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	552
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	553 /****************************************************************************/
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	554 /* Builtin Verifiers, Pools, etc. */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	555 /****************************************************************************/
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	556
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	557 static void
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	558 x509_singleuse_verify_cb (PurpleCertificateVerificationRequest *vrq, gint id)
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	559 {
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	560 g_return_if_fail(vrq);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	561
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	562 purple_debug_info("certificate/x509_singleuse",
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	563 "VRQ on cert from %s gave %d\n",
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	564 vrq->subject_name, id);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	565
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	566 /* Signal what happened back to the caller */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	567 if (1 == id) {
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	568 /* Accepted! */
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	569 purple_certificate_verify_complete(vrq,
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	570 PURPLE_CERTIFICATE_VALID);
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	571 } else {
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	572 /* Not accepted */
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	573 purple_certificate_verify_complete(vrq,
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	574 PURPLE_CERTIFICATE_INVALID);
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	575
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	576 }
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	577 }
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	578
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	579 static void
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	580 x509_singleuse_start_verify (PurpleCertificateVerificationRequest *vrq)
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	581 {
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	582 gchar *sha_asc;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	583 GByteArray *sha_bin;
18964 7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	584 gchar *cn;
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	585 const gchar *cn_match;
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	586 gchar primary, secondary;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	587 PurpleCertificate crt = (PurpleCertificate ) vrq->cert_chain->data;
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	588
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	589 /* Pull out the SHA1 checksum */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	590 sha_bin = purple_certificate_get_fingerprint_sha1(crt);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	591 /* Now decode it for display */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	592 sha_asc = purple_base16_encode_chunked(sha_bin->data,
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	593 sha_bin->len);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	594
18964 7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	595 /* Get the cert Common Name */
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	596 cn = purple_certificate_get_subject_name(crt);
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	597
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	598 /* Determine whether the name matches */
19496 004c3e257bd0 - Even more TODO whacking William Ehlhardt <williamehlhardt@gmail.com> parents: 19495 diff changeset	599 if (purple_certificate_check_subject_name(crt, vrq->subject_name)) {
20270 d94432a338ab Translating the empty string is a bad idea. Richard Laager <rlaager@wiktel.com> parents: 20248 diff changeset	600 cn_match = "";
18964 7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	601 } else {
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	602 cn_match = _("(DOES NOT MATCH)");
7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	603 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	604
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	605 /* Make messages */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	606 primary = g_strdup_printf(_("%s has presented the following certificate for just-this-once use:"), vrq->subject_name);
18964 7b03727b10b4 - x509_singleuse uses the subject_name field...somewhat William Ehlhardt <williamehlhardt@gmail.com> parents: 18962 diff changeset	607 secondary = g_strdup_printf(_("Common name: %s %s\nFingerprint (SHA1): %s"), cn, cn_match, sha_asc);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	608
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	609 /* Make a semi-pretty display */
21099 51cf02dbdb0e disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479' Richard Laager <rlaager@wiktel.com> parents: 21095 diff changeset	610 purple_request_accept_cancel(
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	611 vrq->cb_data, /* TODO: Find what the handle ought to be */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	612 _("Single-use Certificate Verification"),
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	613 primary,
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	614 secondary,
22143 70fc60344317 A few more of those "default_action" fixes Mark Doliner <mark@kingant.net> parents: 22142 diff changeset	615 0, /* Accept by default */
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	616 NULL, /* No account */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	617 NULL, /* No other user */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	618 NULL, /* No associated conversation */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	619 vrq,
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	620 x509_singleuse_verify_cb,
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	621 x509_singleuse_verify_cb );
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	622
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	623 /* Cleanup */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	624 g_free(primary);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	625 g_free(secondary);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	626 g_free(sha_asc);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	627 g_byte_array_free(sha_bin, TRUE);
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	628 }
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	629
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	630 static void
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	631 x509_singleuse_destroy_request (PurpleCertificateVerificationRequest *vrq)
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	632 {
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	633 /* I don't do anything! */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	634 }
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	635
22576 54e5371a6d5d Make x509_singleuse static Stu Tomlinson <stu@nosnilmot.com> parents: 22475 diff changeset	636 static PurpleCertificateVerifier x509_singleuse = {
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	637 "x509", /* Scheme name */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	638 "singleuse", /* Verifier name */
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	639 x509_singleuse_start_verify, /* start_verification function */
19648 450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	640 x509_singleuse_destroy_request, /* Request cleanup operation */
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	641
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	642 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	643 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	644 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	645 NULL
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	646 };
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	647
89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	648
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	649
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	650 /*** X.509 Certificate Authority pool, keyed by Distinguished Name ***/
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	651 /* This is implemented in what may be the most inefficient and bugprone way
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	652 possible; however, future optimizations should not be difficult. */
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	653
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	654 static PurpleCertificatePool x509_ca;
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	655
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	656 /** Holds a key-value pair for quickish certificate lookup */
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	657 typedef struct {
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	658 gchar *dn;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	659 PurpleCertificate *crt;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	660 } x509_ca_element;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	661
19207 8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	662 static void
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	663 x509_ca_element_free(x509_ca_element *el)
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	664 {
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	665 if (NULL == el) return;
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	666
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	667 g_free(el->dn);
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	668 purple_certificate_destroy(el->crt);
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	669 g_free(el);
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	670 }
8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	671
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	672 /** System directory to probe for CA certificates */
19271 c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	673 /* This is set in the lazy_init function */
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	674 static GList *x509_ca_paths = NULL;
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	675
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	676 /** A list of loaded CAs, populated from the above path whenever the lazy_init
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	677 happens. Contains pointers to x509_ca_elements */
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	678 static GList *x509_ca_certs = NULL;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	679
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	680 /** Used for lazy initialization purposes. */
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	681 static gboolean x509_ca_initialized = FALSE;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	682
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	683 /** Adds a certificate to the in-memory cache, doing nothing else */
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	684 static gboolean
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	685 x509_ca_quiet_put_cert(PurpleCertificate *crt)
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	686 {
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	687 x509_ca_element *el;
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	688
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	689 /* lazy_init calls this function, so calling lazy_init here is a
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	690 Bad Thing */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	691
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	692 g_return_val_if_fail(crt, FALSE);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	693 g_return_val_if_fail(crt->scheme, FALSE);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	694 /* Make sure that this is some kind of X.509 certificate */
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	695 /* TODO: Perhaps just check crt->scheme->name instead? */
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	696 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_ca.scheme_name), FALSE);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	697
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	698 el = g_new0(x509_ca_element, 1);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	699 el->dn = purple_certificate_get_unique_id(crt);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	700 el->crt = purple_certificate_copy(crt);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	701 x509_ca_certs = g_list_prepend(x509_ca_certs, el);
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	702
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	703 return TRUE;
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	704 }
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	705
19271 c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	706 /* Since the libpurple CertificatePools get registered before plugins are
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	707 loaded, an X.509 Scheme is generally not available when x509_ca_init is
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	708 called, but x509_ca requires X.509 operations in order to properly load.
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	709
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	710 To solve this, I present the lazy_init function. It attempts to finish
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	711 initialization of the Pool, but it usually fails when it is called from
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	712 x509_ca_init. However, this is OK; initialization is then simply deferred
c28e1afe691b In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19211 diff changeset	713 until someone tries to use functions from the pool. */
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	714 static gboolean
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	715 x509_ca_lazy_init(void)
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	716 {
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	717 PurpleCertificateScheme *x509;
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	718 GDir *certdir;
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	719 const gchar *entry;
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	720 GPatternSpec *pempat;
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	721 GList *iter = NULL;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	722
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	723 if (x509_ca_initialized) return TRUE;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	724
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	725 /* Check that X.509 is registered */
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	726 x509 = purple_certificate_find_scheme(x509_ca.scheme_name);
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	727 if ( !x509 ) {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	728 purple_debug_warning("certificate/x509/ca",
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	729 "Lazy init failed because an X.509 Scheme "
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	730 "is not yet registered. Maybe it will be "
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	731 "better later.\n");
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	732 return FALSE;
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	733 }
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	734
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	735 /* Use a glob to only read .pem files */
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	736 pempat = g_pattern_spec_new("*.pem");
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	737
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	738 /* Populate the certificates pool from the search path(s) */
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	739 for (iter = x509_ca_paths; iter; iter = iter->next) {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	740 certdir = g_dir_open(iter->data, 0, NULL);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	741 if (!certdir) {
22475 3225c99785b8 Fix a bunch of compiler warnings caused by my addition of G_GNUC_PRINTF() Mark Doliner <mark@kingant.net> parents: 22143 diff changeset	742 purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data);
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	743 continue;
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	744 }
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	745
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	746 while ( (entry = g_dir_read_name(certdir)) ) {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	747 gchar *fullpath;
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	748 PurpleCertificate *crt;
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	749
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	750 if ( !g_pattern_match_string(pempat, entry) ) {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	751 continue;
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	752 }
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	753
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	754 fullpath = g_build_filename(iter->data, entry, NULL);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	755
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	756 /* TODO: Respond to a failure in the following? */
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	757 crt = purple_certificate_import(x509, fullpath);
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	758
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	759 if (x509_ca_quiet_put_cert(crt)) {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	760 purple_debug_info("certificate/x509/ca",
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	761 "Loaded %s\n",
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	762 fullpath);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	763 } else {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	764 purple_debug_error("certificate/x509/ca",
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	765 "Failed to load %s\n",
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	766 fullpath);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	767 }
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	768
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	769 purple_certificate_destroy(crt);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	770 g_free(fullpath);
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	771 }
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	772 g_dir_close(certdir);
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	773 }
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	774
73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	775 g_pattern_spec_free(pempat);
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	776
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	777 purple_debug_info("certificate/x509/ca",
cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	778 "Lazy init completed.\n");
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	779 x509_ca_initialized = TRUE;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	780 return TRUE;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	781 }
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	782
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	783 static gboolean
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	784 x509_ca_init(void)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	785 {
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	786 /* Attempt to point at the appropriate system path */
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	787 if (NULL == x509_ca_paths) {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	788 #ifdef _WIN32
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	789 x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	790 "ca-certs", NULL));
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	791 #else
23332 390384053186 Add a configure option, --with-ssl-certificates to allow packagers to Richard Laager <rlaager@wiktel.com> parents: 23038 diff changeset	792 # ifdef SSL_CERTIFICATES_DIR
23743 e72e03fb5ef1 Fix a crash on exit when using --with-system-ssl-certs Mark Doliner <mark@kingant.net> parents: 23332 diff changeset	793 x509_ca_paths = g_list_append(NULL, g_strdup(SSL_CERTIFICATES_DIR));
23332 390384053186 Add a configure option, --with-ssl-certificates to allow packagers to Richard Laager <rlaager@wiktel.com> parents: 23038 diff changeset	794 # else
390384053186 Add a configure option, --with-ssl-certificates to allow packagers to Richard Laager <rlaager@wiktel.com> parents: 23038 diff changeset	795 # endif
24683 d9e3434d6416 uncondtionally install some certificates and use them, References #6680. Ka-Hing Cheung <khc@hxbc.us> parents: 24212 diff changeset	796 x509_ca_paths = g_list_append(x509_ca_paths,
d9e3434d6416 uncondtionally install some certificates and use them, References #6680. Ka-Hing Cheung <khc@hxbc.us> parents: 24212 diff changeset	797 g_build_filename(DATADIR, "purple", "ca-certs", NULL));
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	798 #endif
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	799 }
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	800
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	801 /* Attempt to initialize now, but if it doesn't work, that's OK;
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	802 it will get done later */
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	803 if ( ! x509_ca_lazy_init()) {
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	804 purple_debug_info("certificate/x509/ca",
19095 cd70e75f9a83 - x509_ca_lazy_init is more implemented William Ehlhardt <williamehlhardt@gmail.com> parents: 19094 diff changeset	805 "Init failed, probably because a "
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	806 "dependency is not yet registered. "
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	807 "It has been deferred to later.\n");
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	808 }
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	809
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	810 return TRUE;
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	811 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	812
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	813 static void
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	814 x509_ca_uninit(void)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	815 {
19202 c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	816 GList *l;
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	817
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	818 for (l = x509_ca_certs; l; l = l->next) {
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	819 x509_ca_element *el = l->data;
19207 8926e15873ca - Add a helper function to destroy x509_ca_elements, and use it where William Ehlhardt <williamehlhardt@gmail.com> parents: 19206 diff changeset	820 x509_ca_element_free(el);
19202 c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	821 }
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	822 g_list_free(x509_ca_certs);
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	823 x509_ca_certs = NULL;
c0949e081f43 - Write the uninit function for x509_ca William Ehlhardt <williamehlhardt@gmail.com> parents: 19201 diff changeset	824 x509_ca_initialized = FALSE;
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	825 g_list_foreach(x509_ca_paths, (GFunc)g_free, NULL);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	826 g_list_free(x509_ca_paths);
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	827 x509_ca_paths = NULL;
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	828 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	829
19203 6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	830 /** Look up a ca_element by dn */
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	831 static x509_ca_element *
19205 fff2bc09ec1a Cosmetics William Ehlhardt <williamehlhardt@gmail.com> parents: 19204 diff changeset	832 x509_ca_locate_cert(GList lst, const gchar dn)
19203 6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	833 {
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	834 GList *cur;
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	835
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	836 for (cur = lst; cur; cur = cur->next) {
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	837 x509_ca_element *el = cur->data;
25385 a6e3cb32cdd2 Patch from Paul Aurich to add purple_strequal to help readability and simplicity of code. Ie, don't need to negate the value of strcmp, since this does a strcmp and does the negation for us Paul Aurich <paul@darkrain42.org> parents: 24805 diff changeset	838 if (purple_strequal(dn, el->dn)) {
19203 6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	839 return el;
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	840 }
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	841 }
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	842 return NULL;
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	843 }
6034b8db9dc1 - Add a function to search the x509_ca internal structures for an id William Ehlhardt <williamehlhardt@gmail.com> parents: 19202 diff changeset	844
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	845 static gboolean
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	846 x509_ca_cert_in_pool(const gchar *id)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	847 {
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	848 g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	849 g_return_val_if_fail(id, FALSE);
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	850
19205 fff2bc09ec1a Cosmetics William Ehlhardt <williamehlhardt@gmail.com> parents: 19204 diff changeset	851 if (x509_ca_locate_cert(x509_ca_certs, id) != NULL) {
19204 2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	852 return TRUE;
2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	853 } else {
2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	854 return FALSE;
2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	855 }
2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	856
2847b6c84d6c - Implement x509_ca cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19203 diff changeset	857 return FALSE;
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	858 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	859
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	860 static PurpleCertificate *
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	861 x509_ca_get_cert(const gchar *id)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	862 {
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	863 PurpleCertificate *crt = NULL;
19206 919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	864 x509_ca_element *el;
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	865
dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	866 g_return_val_if_fail(x509_ca_lazy_init(), NULL);
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	867 g_return_val_if_fail(id, NULL);
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	868
19206 919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	869 /* Search the memory-cached pool */
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	870 el = x509_ca_locate_cert(x509_ca_certs, id);
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	871
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	872 if (el != NULL) {
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	873 /* Make a copy of the memcached one for the function caller
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	874 to play with */
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	875 crt = purple_certificate_copy(el->crt);
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	876 } else {
919395a01483 - Implement x509_ca_get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19205 diff changeset	877 crt = NULL;
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	878 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	879
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	880 return crt;
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	881 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	882
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	883 static gboolean
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	884 x509_ca_put_cert(const gchar id, PurpleCertificate crt)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	885 {
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	886 gboolean ret = FALSE;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	887
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	888 g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	889
19096 81163e153778 - Add a hacked-up method of adding certs to the CA pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19095 diff changeset	890 /* TODO: This is a quick way of doing this. At some point the change
81163e153778 - Add a hacked-up method of adding certs to the CA pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19095 diff changeset	891 ought to be flushed to disk somehow. */
19201 73d8dd2169c4 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19096 diff changeset	892 ret = x509_ca_quiet_put_cert(crt);
19096 81163e153778 - Add a hacked-up method of adding certs to the CA pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19095 diff changeset	893
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	894 return ret;
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	895 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	896
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	897 static gboolean
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	898 x509_ca_delete_cert(const gchar *id)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	899 {
19208 7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	900 x509_ca_element *el;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	901
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	902 g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	903 g_return_val_if_fail(id, FALSE);
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	904
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	905 /* Is the id even in the pool? */
19208 7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	906 el = x509_ca_locate_cert(x509_ca_certs, id);
7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	907 if ( el == NULL ) {
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	908 purple_debug_warning("certificate/x509/ca",
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	909 "Id %s wasn't in the pool\n",
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	910 id);
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	911 return FALSE;
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	912 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	913
19208 7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	914 /* Unlink it from the memory cache and destroy it */
7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	915 x509_ca_certs = g_list_remove(x509_ca_certs, el);
7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	916 x509_ca_element_free(el);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	917
19208 7b81934f4c85 - Implement x509_ca_delete_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 19207 diff changeset	918 return TRUE;
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	919 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	920
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	921 static GList *
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	922 x509_ca_get_idlist(void)
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	923 {
19209 a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	924 GList l, idlist;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	925
19094 dd9f69ebaae8 In x509_ca pool: William Ehlhardt <williamehlhardt@gmail.com> parents: 19093 diff changeset	926 g_return_val_if_fail(x509_ca_lazy_init(), NULL);
19209 a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	927
a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	928 idlist = NULL;
a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	929 for (l = x509_ca_certs; l; l = l->next) {
a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	930 x509_ca_element *el = l->data;
a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	931 idlist = g_list_prepend(idlist, g_strdup(el->dn));
a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	932 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	933
19209 a6ab0ea47d0f - Implement x509_ca_get_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19208 diff changeset	934 return idlist;
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	935 }
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	936
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	937
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	938 static PurpleCertificatePool x509_ca = {
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	939 "x509", /* Scheme name */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	940 "ca", /* Pool name */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	941 N_("Certificate Authorities"),/* User-friendly name */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	942 NULL, /* Internal data */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	943 x509_ca_init, /* init */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	944 x509_ca_uninit, /* uninit */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	945 x509_ca_cert_in_pool, /* Certificate exists? */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	946 x509_ca_get_cert, /* Cert retriever */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	947 x509_ca_put_cert, /* Cert writer */
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	948 x509_ca_delete_cert, /* Cert remover */
19648 450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	949 x509_ca_get_idlist, /* idlist retriever */
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	950
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	951 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	952 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	953 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	954 NULL
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	955
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	956 };
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	957
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	958
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	959
f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	960 /*** Cache of certificates given by TLS/SSL peers ***/
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	961 static PurpleCertificatePool x509_tls_peers;
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	962
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	963 static gboolean
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	964 x509_tls_peers_init(void)
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	965 {
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	966 gchar *poolpath;
806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	967 int ret;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	968
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	969 /* Set up key cache here if it isn't already done */
806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	970 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL);
806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	971 ret = purple_build_dir(poolpath, 0700); /* Make it this user only */
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	972
27612 18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27313 diff changeset	973 if (ret != 0)
18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27313 diff changeset	974 purple_debug_info("certificate/tls_peers",
18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27313 diff changeset	975 "Could not create %s. Certificates will not be cached.\n",
18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27313 diff changeset	976 poolpath);
18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27313 diff changeset	977
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	978 g_free(poolpath);
806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 diff changeset	979
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	980 return TRUE;
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	981 }
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	982
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	983 static gboolean
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	984 x509_tls_peers_cert_in_pool(const gchar *id)
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	985 {
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	986 gchar *keypath;
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	987 gboolean ret = FALSE;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	988
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	989 g_return_val_if_fail(id, FALSE);
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	990
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	991 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id);
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	992
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	993 ret = g_file_test(keypath, G_FILE_TEST_IS_REGULAR);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	994
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	995 g_free(keypath);
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	996 return ret;
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	997 }
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	998
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	999 static PurpleCertificate *
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1000 x509_tls_peers_get_cert(const gchar *id)
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1001 {
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1002 PurpleCertificateScheme *x509;
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1003 PurpleCertificate *crt;
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1004 gchar *keypath;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1005
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1006 g_return_val_if_fail(id, NULL);
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1007
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1008 /* Is it in the pool? */
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1009 if ( !x509_tls_peers_cert_in_pool(id) ) {
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1010 return NULL;
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1011 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1012
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1013 /* Look up the X.509 scheme */
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1014 x509 = purple_certificate_find_scheme("x509");
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1015 g_return_val_if_fail(x509, NULL);
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1016
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1017 /* Okay, now find and load that key */
a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1018 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id);
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 diff changeset	1019 crt = purple_certificate_import(x509, keypath);
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1020
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 diff changeset	1021 g_free(keypath);
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 diff changeset	1022
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 diff changeset	1023 return crt;
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1024 }
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1025
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1026 static gboolean
18982 8948cd6bb8bc - CertificatePool put_cert now accepts an id argument William Ehlhardt <williamehlhardt@gmail.com> parents: 18977 diff changeset	1027 x509_tls_peers_put_cert(const gchar id, PurpleCertificate crt)
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1028 {
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1029 gboolean ret = FALSE;
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1030 gchar *keypath;
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1031
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1032 g_return_val_if_fail(crt, FALSE);
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1033 g_return_val_if_fail(crt->scheme, FALSE);
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1034 /* Make sure that this is some kind of X.509 certificate */
18992 605e69fa7108 - Comment change William Ehlhardt <williamehlhardt@gmail.com> parents: 18991 diff changeset	1035 /* TODO: Perhaps just check crt->scheme->name instead? */
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1036 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_tls_peers.scheme_name), FALSE);
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1037
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1038 /* Work out the filename and export */
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1039 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id);
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1040 ret = purple_certificate_export(keypath, crt);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1041
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1042 g_free(keypath);
7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 diff changeset	1043 return ret;
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1044 }
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1045
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1046 static gboolean
19048 fd0b4b2f6cf0 - remove_cert => delete_cert, because naming conventions are our William Ehlhardt <williamehlhardt@gmail.com> parents: 19047 diff changeset	1047 x509_tls_peers_delete_cert(const gchar *id)
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1048 {
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1049 gboolean ret = FALSE;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1050 gchar *keypath;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1051
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1052 g_return_val_if_fail(id, FALSE);
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1053
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1054 /* Is the id even in the pool? */
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1055 if (!x509_tls_peers_cert_in_pool(id)) {
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1056 purple_debug_warning("certificate/tls_peers",
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1057 "Id %s wasn't in the pool\n",
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1058 id);
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1059 return FALSE;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1060 }
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1061
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1062 /* OK, so work out the keypath and delete the thing */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1063 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id);
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1064 if ( unlink(keypath) != 0 ) {
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1065 purple_debug_error("certificate/tls_peers",
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1066 "Unlink of %s failed!\n",
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1067 keypath);
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1068 ret = FALSE;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1069 } else {
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1070 ret = TRUE;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1071 }
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1072
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1073 g_free(keypath);
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1074 return ret;
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1075 }
3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 diff changeset	1076
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1077 static GList *
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1078 x509_tls_peers_get_idlist(void)
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1079 {
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1080 GList *idlist = NULL;
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1081 GDir *dir;
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1082 const gchar *entry;
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1083 gchar *poolpath;
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1084
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1085 /* Get a handle on the pool directory */
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1086 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL);
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1087 dir = g_dir_open(poolpath,
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1088 0, /* No flags */
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1089 NULL); /* Not interested in what the error is */
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1090 g_free(poolpath);
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1091
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1092 g_return_val_if_fail(dir, NULL);
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1093
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1094 /* Traverse the directory listing and create an idlist */
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1095 while ( (entry = g_dir_read_name(dir)) != NULL ) {
19078 3987f76c0e4b - tls_peers pool unescapes filenames in its directory, as it should William Ehlhardt <williamehlhardt@gmail.com> parents: 19077 diff changeset	1096 /* Unescape the filename */
3987f76c0e4b - tls_peers pool unescapes filenames in its directory, as it should William Ehlhardt <williamehlhardt@gmail.com> parents: 19077 diff changeset	1097 const char *unescaped = purple_unescape_filename(entry);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1098
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1099 /* Copy the entry name into our list (GLib owns the original
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1100 string) */
19078 3987f76c0e4b - tls_peers pool unescapes filenames in its directory, as it should William Ehlhardt <williamehlhardt@gmail.com> parents: 19077 diff changeset	1101 idlist = g_list_prepend(idlist, g_strdup(unescaped));
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1102 }
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1103
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1104 /* Release the directory */
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1105 g_dir_close(dir);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1106
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1107 return idlist;
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1108 }
15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 diff changeset	1109
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1110 static PurpleCertificatePool x509_tls_peers = {
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1111 "x509", /* Scheme name */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1112 "tls_peers", /* Pool name */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1113 N_("SSL Peers Cache"), /* User-friendly name */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1114 NULL, /* Internal data */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1115 x509_tls_peers_init, /* init */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1116 NULL, /* uninit not required */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1117 x509_tls_peers_cert_in_pool, /* Certificate exists? */
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1118 x509_tls_peers_get_cert, /* Cert retriever */
19026 b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 diff changeset	1119 x509_tls_peers_put_cert, /* Cert writer */
19049 8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 diff changeset	1120 x509_tls_peers_delete_cert, /* Cert remover */
19648 450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1121 x509_tls_peers_get_idlist, /* idlist retriever */
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1122
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1123 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1124 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1125 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1126 NULL
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1127 };
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1128
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1129
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	1130 /*** A Verifier that uses the tls_peers cache and the CA pool to validate certificates ***/
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1131 static PurpleCertificateVerifier x509_tls_cached;
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1132
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1133
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1134 /* The following is several hacks piled together and needs to be fixed.
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1135 * It exists because show_cert (see its comments) needs the original reason
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1136 * given to user_auth in order to rebuild the dialog.
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1137 */
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1138 /* TODO: This will cause a ua_ctx to become memleaked if the request(s) get
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1139 closed by handle or otherwise abnormally. */
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1140 typedef struct {
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1141 PurpleCertificateVerificationRequest *vrq;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1142 gchar *reason;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1143 } x509_tls_cached_ua_ctx;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1144
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1145 static x509_tls_cached_ua_ctx *
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1146 x509_tls_cached_ua_ctx_new(PurpleCertificateVerificationRequest *vrq,
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1147 const gchar *reason)
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1148 {
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1149 x509_tls_cached_ua_ctx *c;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1150
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1151 c = g_new0(x509_tls_cached_ua_ctx, 1);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1152 c->vrq = vrq;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1153 c->reason = g_strdup(reason);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1154
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1155 return c;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1156 }
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1157
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1158
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1159 static void
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1160 x509_tls_cached_ua_ctx_free(x509_tls_cached_ua_ctx *c)
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1161 {
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1162 g_return_if_fail(c);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1163 g_free(c->reason);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1164 g_free(c);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1165 }
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1166
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1167 static void
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1168 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq,
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1169 const gchar *reason);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1170
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1171 static void
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1172 x509_tls_cached_show_cert(x509_tls_cached_ua_ctx *c, gint id)
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1173 {
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1174 PurpleCertificate *disp_crt = c->vrq->cert_chain->data;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1175
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1176 /* Since clicking a button closes the request, show it again */
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1177 x509_tls_cached_user_auth(c->vrq, c->reason);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1178
19564 4a1812e1ec35 When you have a certificate dialog and you click on "View Certificate", Mark Doliner <mark@kingant.net> parents: 19553 diff changeset	1179 /* Show the certificate AFTER re-opening the dialog so that this
4a1812e1ec35 When you have a certificate dialog and you click on "View Certificate", Mark Doliner <mark@kingant.net> parents: 19553 diff changeset	1180 appears above the other */
4a1812e1ec35 When you have a certificate dialog and you click on "View Certificate", Mark Doliner <mark@kingant.net> parents: 19553 diff changeset	1181 purple_certificate_display_x509(disp_crt);
4a1812e1ec35 When you have a certificate dialog and you click on "View Certificate", Mark Doliner <mark@kingant.net> parents: 19553 diff changeset	1182
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1183 x509_tls_cached_ua_ctx_free(c);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1184 }
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1185
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1186 static void
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1187 x509_tls_cached_user_auth_cb (x509_tls_cached_ua_ctx *c, gint id)
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1188 {
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1189 PurpleCertificateVerificationRequest *vrq;
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1190 PurpleCertificatePool *tls_peers;
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1191
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1192 g_return_if_fail(c);
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1193 g_return_if_fail(c->vrq);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1194
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1195 vrq = c->vrq;
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1196
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1197 x509_tls_cached_ua_ctx_free(c);
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1198
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1199 tls_peers = purple_certificate_find_pool("x509","tls_peers");
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1200
19331 920984752314 - Fix the interpretation of the "accept cert? yes/no" choice id given by William Ehlhardt <williamehlhardt@gmail.com> parents: 19330 diff changeset	1201 if (2 == id) {
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1202 gchar *cache_id = vrq->subject_name;
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1203 purple_debug_info("certificate/x509/tls_cached",
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1204 "User ACCEPTED cert\nCaching first in chain for future use as %s...\n",
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1205 cache_id);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1206
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1207 purple_certificate_pool_store(tls_peers, cache_id,
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1208 vrq->cert_chain->data);
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1209
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1210 purple_certificate_verify_complete(vrq,
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1211 PURPLE_CERTIFICATE_VALID);
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1212 } else {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	1213 purple_debug_warning("certificate/x509/tls_cached",
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1214 "User REJECTED cert\n");
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1215 purple_certificate_verify_complete(vrq,
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1216 PURPLE_CERTIFICATE_INVALID);
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1217 }
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1218 }
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1219
19515 b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1220 static void
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1221 x509_tls_cached_user_auth_accept_cb(x509_tls_cached_ua_ctx *c, gint ignore)
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1222 {
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1223 x509_tls_cached_user_auth_cb(c, 2);
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1224 }
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1225
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1226 static void
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1227 x509_tls_cached_user_auth_reject_cb(x509_tls_cached_ua_ctx *c, gint ignore)
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1228 {
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1229 x509_tls_cached_user_auth_cb(c, 1);
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1230 }
b62683f4120d There's some disagreement over the response-id sent to the callbacks to Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19504 diff changeset	1231
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1232 /** Validates a certificate by asking the user
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1233 * @param reason String to explain why the user needs to accept/refuse the
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1234 * certificate.
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1235 * @todo Needs a handle argument
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1236 */
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1237 static void
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1238 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq,
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1239 const gchar *reason)
19000 986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1240 {
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1241 gchar *primary;
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1242
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1243 /* Make messages */
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1244 primary = g_strdup_printf(_("Accept certificate for %s?"),
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1245 vrq->subject_name);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1246
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1247 /* Make a semi-pretty display */
21099 51cf02dbdb0e disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479' Richard Laager <rlaager@wiktel.com> parents: 21095 diff changeset	1248 purple_request_action(
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1249 vrq->cb_data, /* TODO: Find what the handle ought to be */
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1250 _("SSL Certificate Verification"),
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1251 primary,
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1252 reason,
22142 1f3f2d2c9a2b A few more "purple_request_action" default action corrections Mark Doliner <mark@kingant.net> parents: 21929 diff changeset	1253 0, /* Accept by default */
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1254 NULL, /* No account */
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1255 NULL, /* No other user */
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1256 NULL, /* No associated conversation */
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1257 x509_tls_cached_ua_ctx_new(vrq, reason),
b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1258 3, /* Number of actions */
19534 126c5235627b - Change wording on certificate accept/reject dialog William Ehlhardt <williamehlhardt@gmail.com> parents: 19517 diff changeset	1259 _("Accept"), x509_tls_cached_user_auth_accept_cb,
126c5235627b - Change wording on certificate accept/reject dialog William Ehlhardt <williamehlhardt@gmail.com> parents: 19517 diff changeset	1260 _("Reject"), x509_tls_cached_user_auth_reject_cb,
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 diff changeset	1261 _("_View Certificate..."), x509_tls_cached_show_cert);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1262
19001 b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1263 /* Cleanup */
b207701cb5a3 - Wrote the logic for the "previously unknown host" condition in William Ehlhardt <williamehlhardt@gmail.com> parents: 19000 diff changeset	1264 g_free(primary);
19000 986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1265 }
986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1266
986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1267 static void
21929 cedbb3860134 If a peer certificate does not match our cached cert, do not auto reject it! Stu Tomlinson <stu@nosnilmot.com> parents: 21927 diff changeset	1268 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq);
cedbb3860134 If a peer certificate does not match our cached cert, do not auto reject it! Stu Tomlinson <stu@nosnilmot.com> parents: 21927 diff changeset	1269
cedbb3860134 If a peer certificate does not match our cached cert, do not auto reject it! Stu Tomlinson <stu@nosnilmot.com> parents: 21927 diff changeset	1270 static void
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1271 x509_tls_cached_cert_in_cache(PurpleCertificateVerificationRequest *vrq)
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1272 {
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1273 /* TODO: Looking this up by name over and over is expensive.
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1274 Fix, please! */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1275 PurpleCertificatePool *tls_peers =
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1276 purple_certificate_find_pool(x509_tls_cached.scheme_name,
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1277 "tls_peers");
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1278
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1279 /* The peer's certificate should be the first in the list */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1280 PurpleCertificate *peer_crt =
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1281 (PurpleCertificate *) vrq->cert_chain->data;
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1282
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1283 PurpleCertificate *cached_crt;
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1284 GByteArray peer_fpr, cached_fpr;
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1285
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1286 /* Load up the cached certificate */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1287 cached_crt = purple_certificate_pool_retrieve(
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1288 tls_peers, vrq->subject_name);
19553 f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1289 if ( !cached_crt ) {
27643 199cf148cdf8 Continue verification when we can't find a cached peer. Fixes #9664. Paul Aurich <paul@darkrain42.org> parents: 27612 diff changeset	1290 purple_debug_warning("certificate/x509/tls_cached",
19553 f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1291 "Lookup failed on cached certificate!\n"
27643 199cf148cdf8 Continue verification when we can't find a cached peer. Fixes #9664. Paul Aurich <paul@darkrain42.org> parents: 27612 diff changeset	1292 "Falling back to full verification.\n");
199cf148cdf8 Continue verification when we can't find a cached peer. Fixes #9664. Paul Aurich <paul@darkrain42.org> parents: 27612 diff changeset	1293 /* vrq now becomes the problem of unknown_peer */
199cf148cdf8 Continue verification when we can't find a cached peer. Fixes #9664. Paul Aurich <paul@darkrain42.org> parents: 27612 diff changeset	1294 x509_tls_cached_unknown_peer(vrq);
24805 7608cf033a88 Prevent a NULL ptr deref when unexpected stuff happens in the cert cache. Fixes #7776,#7769 Daniel Atallah <daniel.atallah@gmail.com> parents: 24683 diff changeset	1295 return;
19553 f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1296 }
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1297
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1298 /* Now get SHA1 sums for both and compare them */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1299 /* TODO: This is not an elegant way to compare certs */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1300 peer_fpr = purple_certificate_get_fingerprint_sha1(peer_crt);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1301 cached_fpr = purple_certificate_get_fingerprint_sha1(cached_crt);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1302 if (!memcmp(peer_fpr->data, cached_fpr->data, peer_fpr->len)) {
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1303 purple_debug_info("certificate/x509/tls_cached",
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1304 "Peer cert matched cached\n");
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1305 /* vrq is now finished */
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1306 purple_certificate_verify_complete(vrq,
489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1307 PURPLE_CERTIFICATE_VALID);
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1308 } else {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	1309 purple_debug_error("certificate/x509/tls_cached",
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1310 "Peer cert did NOT match cached\n");
21929 cedbb3860134 If a peer certificate does not match our cached cert, do not auto reject it! Stu Tomlinson <stu@nosnilmot.com> parents: 21927 diff changeset	1311 /* vrq now becomes the problem of the user */
cedbb3860134 If a peer certificate does not match our cached cert, do not auto reject it! Stu Tomlinson <stu@nosnilmot.com> parents: 21927 diff changeset	1312 x509_tls_cached_unknown_peer(vrq);
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1313 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1314
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1315 purple_certificate_destroy(cached_crt);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1316 g_byte_array_free(peer_fpr, TRUE);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1317 g_byte_array_free(cached_fpr, TRUE);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1318 }
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1319
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1320 /*
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1321 * This is called from two points in x509_tls_cached_unknown_peer below
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1322 * once we've verified the signature chain is valid. Now we need to verify
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1323 * the subject name of the certificate.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1324 */
19085 1bd9557f866e In tls_cached Verifier: William Ehlhardt <williamehlhardt@gmail.com> parents: 19084 diff changeset	1325 static void
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1326 x509_tls_cached_check_subject_name(PurpleCertificateVerificationRequest *vrq,
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1327 gboolean had_ca_pool)
19085 1bd9557f866e In tls_cached Verifier: William Ehlhardt <williamehlhardt@gmail.com> parents: 19084 diff changeset	1328 {
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1329 PurpleCertificatePool *tls_peers;
27999 99baf778e0b9 Fix GnuTLS validation of the CACert Chain. Closes #4458. Paul Aurich <paul@darkrain42.org> parents: 27997 diff changeset	1330 PurpleCertificate *peer_crt;
19089 c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1331 GList *chain = vrq->cert_chain;
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1332
19090 5310b1294287 - Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind William Ehlhardt <williamehlhardt@gmail.com> parents: 19089 diff changeset	1333 peer_crt = (PurpleCertificate *) chain->data;
5310b1294287 - Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind William Ehlhardt <williamehlhardt@gmail.com> parents: 19089 diff changeset	1334
21927 a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1335 /* Last, check that the hostname matches */
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1336 if ( ! purple_certificate_check_subject_name(peer_crt,
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1337 vrq->subject_name) ) {
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1338 gchar *sn = purple_certificate_get_subject_name(peer_crt);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1339
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	1340 purple_debug_error("certificate/x509/tls_cached",
21927 a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1341 "Name mismatch: Certificate given for %s "
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1342 "has a name of %s\n",
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1343 vrq->subject_name, sn);
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1344
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1345 if (had_ca_pool) {
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1346 /* Prompt the user to authenticate the certificate */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1347 /* TODO: Provide the user with more guidance about why he is
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1348 being prompted */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1349 /* vrq will be completed by user_auth */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1350 gchar *msg;
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1351 msg = g_strdup_printf(_("The certificate presented by \"%s\" "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1352 "claims to be from \"%s\" instead. "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1353 "This could mean that you are not "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1354 "connecting to the service you "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1355 "believe you are."),
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1356 vrq->subject_name, sn);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1357
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1358 x509_tls_cached_user_auth(vrq, msg);
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1359 g_free(msg);
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1360 } else {
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1361 /* Had no CA pool, so couldn't verify the chain and
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1362 * the subject name isn't valid.
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1363 * I think this is bad enough to warrant a fatal error. It's
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1364 * not likely anyway...
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1365 */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1366 purple_notify_error(NULL, /* TODO: Probably wrong. */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1367 _("SSL Certificate Error"),
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1368 _("Invalid certificate chain"),
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1369 _("You have no database of root certificates, so "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1370 "this certificate cannot be validated."));
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1371 }
21927 a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1372
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1373 g_free(sn);
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1374 return;
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1375 } /* if (name mismatch) */
a464f202e6c4 Add the StartCom Free SSL Certificate Authority certificate (as used by Stu Tomlinson <stu@nosnilmot.com> parents: 21887 diff changeset	1376
28129 c72d171565c4 cert: Fix a reversed check. Oops. Paul Aurich <paul@darkrain42.org> parents: 28101 diff changeset	1377 if (!had_ca_pool) {
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1378 /* The subject name is correct, but we weren't able to verify the
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1379 * chain because there was no pool of root CAs found. Prompt the user
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1380 * to validate it.
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1381 */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1382
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1383 /* vrq will be completed by user_auth */
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1384 x509_tls_cached_user_auth(vrq,_("You have no database of root "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1385 "certificates, so this "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1386 "certificate cannot be "
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1387 "validated."));
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1388 return;
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1389 }
f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1390
19089 c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1391 /* If we reach this point, the certificate is good. */
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1392 /* Look up the local cache and store it there for future use */
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1393 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1394 "tls_peers");
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1395
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1396 if (tls_peers) {
19553 f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1397 if (!purple_certificate_pool_store(tls_peers,vrq->subject_name,
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1398 peer_crt) ) {
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1399 purple_debug_error("certificate/x509/tls_cached",
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1400 "FAILED to cache peer certificate\n");
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	1401 }
19089 c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1402 } else {
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1403 purple_debug_error("certificate/x509/tls_cached",
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1404 "Unable to locate tls_peers certificate "
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1405 "cache.\n");
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1406 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1407
19089 c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1408 /* Whew! Done! */
c8962b52579e - Wrote a tls_cached unknown_peer function that does many fun things, William Ehlhardt <williamehlhardt@gmail.com> parents: 19088 diff changeset	1409 purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_VALID);
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1410
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1411 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1412
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1413 /* For when we've never communicated with this party before */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1414 /* TODO: Need ways to specify possibly multiple problems with a cert, or at
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1415 least reprioritize them.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1416 */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1417 static void
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1418 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq)
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1419 {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1420 PurpleCertificatePool *ca;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1421 PurpleCertificate *peer_crt;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1422 PurpleCertificate ca_crt, end_crt;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1423 PurpleCertificate *failing_crt;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1424 GList *chain = vrq->cert_chain;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1425 GByteArray last_fpr, ca_fpr;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1426 gchar *ca_id;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1427
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1428 peer_crt = (PurpleCertificate *) chain->data;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1429
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1430 /* TODO: Figure out a way to check for a bad signature, as opposed to
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1431 "not self-signed" */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1432 if ( purple_certificate_signed_by(peer_crt, peer_crt) ) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1433 gchar *msg;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1434
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1435 purple_debug_info("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1436 "Certificate for %s is self-signed.\n",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1437 vrq->subject_name);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1438
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1439 /* Prompt the user to authenticate the certificate */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1440 /* vrq will be completed by user_auth */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1441 msg = g_strdup_printf(_("The certificate presented by \"%s\" "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1442 "is self-signed. It cannot be "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1443 "automatically checked."),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1444 vrq->subject_name);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1445
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1446 x509_tls_cached_user_auth(vrq,msg);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1447
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1448 g_free(msg);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1449 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1450 } /* if (self signed) */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1451
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1452 /* Next, attempt to verify the last certificate against a CA */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1453 ca = purple_certificate_find_pool(x509_tls_cached.scheme_name, "ca");
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1454
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1455 /* Next, check that the certificate chain is valid */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1456 if (!purple_certificate_check_signature_chain_with_failing(chain,
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1457 &failing_crt))
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1458 {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1459 gboolean chain_validated = FALSE;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1460 /*
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1461 * Check if the failing certificate is in the CA store. If it is, then
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1462 * consider this fully validated. This works around issues with some
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1463 * prominent intermediate CAs whose signature is md5WithRSAEncryption.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1464 * I'm looking at CACert Class 3 here. See #4458 for details.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1465 */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1466 if (ca) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1467 gchar *uid = purple_certificate_get_unique_id(failing_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1468 PurpleCertificate *ca_crt = purple_certificate_pool_retrieve(ca, uid);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1469 if (ca_crt != NULL) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1470 GByteArray *failing_fpr;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1471 GByteArray *ca_fpr;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1472 failing_fpr = purple_certificate_get_fingerprint_sha1(failing_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1473 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1474 if (byte_arrays_equal(failing_fpr, ca_fpr)) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1475 purple_debug_info("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1476 "Full chain verification failed (probably a bad "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1477 "signature algorithm), but found the last "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1478 "certificate %s in the CA pool.\n", uid);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1479 chain_validated = TRUE;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1480 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1481
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1482 g_byte_array_free(failing_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1483 g_byte_array_free(ca_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1484 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1485
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1486 purple_certificate_destroy(ca_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1487 g_free(uid);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1488 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1489
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1490 /*
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1491 * If we get here, either the cert matched the stuff right above
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1492 * or it didn't, in which case we give up and complain to the user.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1493 */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1494 if (chain_validated) {
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1495 x509_tls_cached_check_subject_name(vrq, TRUE);
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1496 } else {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1497 /* TODO: Tell the user where the chain broke? */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1498 /* TODO: This error will hopelessly confuse any
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1499 non-elite user. */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1500 gchar *secondary;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1501
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1502 secondary = g_strdup_printf(_("The certificate chain presented"
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1503 " for %s is not valid."),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1504 vrq->subject_name);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1505
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1506 /* TODO: Make this error either block the ensuing SSL
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1507 connection error until the user dismisses this one, or
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1508 stifle it. */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1509 purple_notify_error(NULL, /* TODO: Probably wrong. */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1510 _("SSL Certificate Error"),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1511 _("Invalid certificate chain"),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1512 secondary );
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1513 g_free(secondary);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1514
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1515 /* Okay, we're done here */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1516 purple_certificate_verify_complete(vrq,
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1517 PURPLE_CERTIFICATE_INVALID);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1518 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1519
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1520 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1521 } /* if (signature chain not good) */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1522
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1523 /* If, for whatever reason, there is no Certificate Authority pool
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1524 loaded, we'll verify the subject name and then warn about thsi. */
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1525 if ( !ca ) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1526 purple_debug_error("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1527 "No X.509 Certificate Authority pool "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1528 "could be found!\n");
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1529
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1530 x509_tls_cached_check_subject_name(vrq, FALSE);
28070 d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1531 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1532 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1533
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1534 end_crt = g_list_last(chain)->data;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1535
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1536 /* Attempt to look up the last certificate's issuer */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1537 ca_id = purple_certificate_get_issuer_unique_id(end_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1538 purple_debug_info("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1539 "Checking for a CA with DN=%s\n",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1540 ca_id);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1541 ca_crt = purple_certificate_pool_retrieve(ca, ca_id);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1542 if ( NULL == ca_crt ) {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1543 purple_debug_warning("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1544 "Certificate Authority with DN='%s' not "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1545 "found. I'll prompt the user, I guess.\n",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1546 ca_id);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1547 g_free(ca_id);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1548 /* vrq will be completed by user_auth */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1549 x509_tls_cached_user_auth(vrq,_("The root certificate this "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1550 "one claims to be issued by "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1551 "is unknown to Pidgin."));
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1552 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1553 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1554
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1555 g_free(ca_id);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1556
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1557 /*
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1558 * Check the fingerprints; if they match, then this certificate is one
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1559 * of the designated "trusted roots", and we don't need to verify the
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1560 * signature. This is good because some of the older roots are self-signed
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1561 * with bad hash algorithms that we don't want to allow in any other
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1562 * circumstances (one of Verisign's root CAs is self-signed with MD2).
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1563 *
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1564 * If the fingerprints don't match, we'll fall back to checking the
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1565 * signature.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1566 *
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1567 * GnuTLS doesn't seem to include the final root in the verification
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1568 * list, so this check will never succeed. NSS does include it in
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1569 * the list, so here we are.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1570 */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1571 last_fpr = purple_certificate_get_fingerprint_sha1(end_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1572 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1573
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1574 if ( !byte_arrays_equal(last_fpr, ca_fpr) &&
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1575 !purple_certificate_signed_by(end_crt, ca_crt) )
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1576 {
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1577 /* TODO: If signed_by ever returns a reason, maybe mention
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1578 that, too. */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1579 /* TODO: Also mention the CA involved. While I could do this
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1580 now, a full DN is a little much with which to assault the
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1581 user's poor, leaky eyes. */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1582 /* TODO: This error message makes my eyes cross, and I wrote it */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1583 gchar * secondary =
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1584 g_strdup_printf(_("The certificate chain presented by "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1585 "%s does not have a valid digital "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1586 "signature from the Certificate "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1587 "Authority from which it claims to "
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1588 "have a signature."),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1589 vrq->subject_name);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1590
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1591 purple_notify_error(NULL, /* TODO: Probably wrong */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1592 _("SSL Certificate Error"),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1593 _("Invalid certificate authority"
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1594 " signature"),
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1595 secondary);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1596 g_free(secondary);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1597
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1598 /* Signal "bad cert" */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1599 purple_certificate_verify_complete(vrq,
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1600 PURPLE_CERTIFICATE_INVALID);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1601
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1602 purple_certificate_destroy(ca_crt);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1603 g_byte_array_free(ca_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1604 g_byte_array_free(last_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1605 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1606 } /* if (CA signature not good) */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1607
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1608 g_byte_array_free(ca_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1609 g_byte_array_free(last_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow. Paul Aurich <paul@darkrain42.org> parents: 27999 diff changeset	1610
28100 f834ffa7490b cert: Validate subject name before prompting due to no CA pool. Paul Aurich <paul@darkrain42.org> parents: 28070 diff changeset	1611 x509_tls_cached_check_subject_name(vrq, TRUE);
19085 1bd9557f866e In tls_cached Verifier: William Ehlhardt <williamehlhardt@gmail.com> parents: 19084 diff changeset	1612 }
1bd9557f866e In tls_cached Verifier: William Ehlhardt <williamehlhardt@gmail.com> parents: 19084 diff changeset	1613
19000 986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1614 static void
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1615 x509_tls_cached_start_verify(PurpleCertificateVerificationRequest *vrq)
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1616 {
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1617 const gchar tls_peers_name = "tls_peers"; / Name of local cache */
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1618 PurpleCertificatePool *tls_peers;
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1619 time_t now, activation, expiration;
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1620 gboolean ret;
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1621
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1622 g_return_if_fail(vrq);
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1623
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1624 purple_debug_info("certificate/x509/tls_cached",
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1625 "Starting verify for %s\n",
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1626 vrq->subject_name);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1627
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1628 /*
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1629 * Verify the first certificate (the main one) has been activated and
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1630 * isn't expired, i.e. activation < now < expiration.
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1631 */
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1632 now = time(NULL);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1633 ret = purple_certificate_get_times(vrq->cert_chain->data, &activation,
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1634 &expiration);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1635 if (!ret \|\| now > expiration \|\| now < activation) {
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1636 gchar *secondary;
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1637
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1638 if (!ret) {
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1639 purple_debug_error("certificate/x509/tls_cached",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1640 "Failed to get validity times for certificate %s\n",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1641 vrq->subject_name);
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1642 secondary = g_strdup_printf(_("Failed to validate expiration time "
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1643 "for %s"), vrq->subject_name);
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1644 } else if (now > expiration) {
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1645 purple_debug_error("certificate/x509/tls_cached",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1646 "Certificate %s expired at %s\n",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1647 vrq->subject_name, ctime(&expiration));
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1648 secondary = g_strdup_printf(_("The certificate for %s is expired."),
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1649 vrq->subject_name);
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1650 } else {
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1651 purple_debug_error("certificate/x509/tls_cached",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1652 "Certificate %s is not yet valid, will be at %s\n",
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1653 vrq->subject_name, ctime(&activation));
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1654 secondary = g_strdup_printf(_("The certificate for %s should not "
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1655 "yet be in use."), vrq->subject_name);
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1656 }
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1657
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1658 purple_notify_error(NULL, /* TODO: Probably wrong. */
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1659 _("SSL Certificate Error"),
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1660 _("Invalid certificate chain"),
6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1661 secondary );
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1662 g_free(secondary);
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1663
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1664 /* Okay, we're done here */
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1665 purple_certificate_verify_complete(vrq,
28320 6dd97a284d65 Better errors for certificate expiration/activation checking. Paul Aurich <paul@darkrain42.org> parents: 27992 diff changeset	1666 PURPLE_CERTIFICATE_INVALID);
27992 151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1667 return;
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1668 }
151ec92db74c Check expiration/activation times on certificates. Closes #8226. Paul Aurich <paul@darkrain42.org> parents: 27643 diff changeset	1669
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1670 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,tls_peers_name);
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1671
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1672 if (!tls_peers) {
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1673 purple_debug_error("certificate/x509/tls_cached",
23917 11f98b1e605b remove misleading portion of the debug line Ka-Hing Cheung <khc@hxbc.us> parents: 23743 diff changeset	1674 "Couldn't find local peers cache %s\n",
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1675 tls_peers_name);
19091 489889091b14 - Remove all usage of purple_certificate_verify_destroy, as it is William Ehlhardt <williamehlhardt@gmail.com> parents: 19090 diff changeset	1676
20247 e6315ec87124 applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f Richard Laager <rlaager@wiktel.com> parents: 19687 diff changeset	1677
e6315ec87124 applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f Richard Laager <rlaager@wiktel.com> parents: 19687 diff changeset	1678 /* vrq now becomes the problem of unknown_peer */
e6315ec87124 applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f Richard Laager <rlaager@wiktel.com> parents: 19687 diff changeset	1679 x509_tls_cached_unknown_peer(vrq);
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1680 return;
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1681 }
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1682
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1683 /* Check if the peer has a certificate cached already */
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1684 purple_debug_info("certificate/x509/tls_cached",
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1685 "Checking for cached cert...\n");
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1686 if (purple_certificate_pool_contains(tls_peers, vrq->subject_name)) {
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1687 purple_debug_info("certificate/x509/tls_cached",
7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1688 "...Found cached cert\n");
19086 e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1689 /* vrq is now the responsibility of cert_in_cache */
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1690 x509_tls_cached_cert_in_cache(vrq);
e256e0bf8ae1 - Move "certificate found in cache" out of tls_cached_start_verify into William Ehlhardt <williamehlhardt@gmail.com> parents: 19085 diff changeset	1691 } else {
27313 627d23bfdb05 Increase the logging level of some debugging messages that seemed to be a mauro.brasil@tqi.com.br parents: 25432 diff changeset	1692 purple_debug_warning("certificate/x509/tls_cached",
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1693 "...Not in cache\n");
19000 986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1694 /* vrq now becomes the problem of unknown_peer */
986413850713 - More skeletonizing for tls_cached logic. William Ehlhardt <williamehlhardt@gmail.com> parents: 18999 diff changeset	1695 x509_tls_cached_unknown_peer(vrq);
18999 7fbd0a6ac8d6 - Made a logic skeleton for tls_cached verifier William Ehlhardt <williamehlhardt@gmail.com> parents: 18996 diff changeset	1696 }
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1697 }
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1698
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1699 static void
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1700 x509_tls_cached_destroy_request(PurpleCertificateVerificationRequest *vrq)
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1701 {
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1702 g_return_if_fail(vrq);
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1703 }
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1704
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1705 static PurpleCertificateVerifier x509_tls_cached = {
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1706 "x509", /* Scheme name */
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1707 "tls_cached", /* Verifier name */
33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1708 x509_tls_cached_start_verify, /* Verification begin */
19648 450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1709 x509_tls_cached_destroy_request,/* Request cleanup */
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1710
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1711 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1712 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1713 NULL,
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1714 NULL
450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 diff changeset	1715
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1716 };
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1717
18950 f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1718 /****************************************************************************/
f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1719 /* Subsystem */
f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1720 /****************************************************************************/
f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1721 void
18957 9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1722 purple_certificate_init(void)
18950 f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1723 {
18957 9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1724 /* Register builtins */
18953 89b32569890c - Add purple_certificate_get_fingerprint_sha1 William Ehlhardt <williamehlhardt@gmail.com> parents: 18952 diff changeset	1725 purple_certificate_register_verifier(&x509_singleuse);
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 diff changeset	1726 purple_certificate_register_pool(&x509_ca);
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1727 purple_certificate_register_pool(&x509_tls_peers);
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 diff changeset	1728 purple_certificate_register_verifier(&x509_tls_cached);
18950 f78a9efa9eaf - Add purple_certificate_register_builtins William Ehlhardt <williamehlhardt@gmail.com> parents: 18949 diff changeset	1729 }
18946 617447a71ab7 - Add certificate_destroy and certificate_destroy_list William Ehlhardt <williamehlhardt@gmail.com> parents: 18943 diff changeset	1730
18957 9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1731 void
9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1732 purple_certificate_uninit(void)
9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1733 {
19024 264f00bc8f22 - Change certificate_uninit to unregister all Pools, Schemes, and William Ehlhardt <williamehlhardt@gmail.com> parents: 19023 diff changeset	1734 /* Unregister all Verifiers */
24999 fc8fd4fef166 Fix a crash on exit with a patch from im.pidgin.next.minor. Elliott Sales de Andrade <qulogic@pidgin.im> parents: 24805 diff changeset	1735 g_list_foreach(cert_verifiers, (GFunc)purple_certificate_unregister_verifier, NULL);
19024 264f00bc8f22 - Change certificate_uninit to unregister all Pools, Schemes, and William Ehlhardt <williamehlhardt@gmail.com> parents: 19023 diff changeset	1736
264f00bc8f22 - Change certificate_uninit to unregister all Pools, Schemes, and William Ehlhardt <williamehlhardt@gmail.com> parents: 19023 diff changeset	1737 /* Unregister all Pools */
24999 fc8fd4fef166 Fix a crash on exit with a patch from im.pidgin.next.minor. Elliott Sales de Andrade <qulogic@pidgin.im> parents: 24805 diff changeset	1738 g_list_foreach(cert_pools, (GFunc)purple_certificate_unregister_pool, NULL);
18957 9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1739 }
9205841eed06 - Certificate system now has init and uninit like other systems William Ehlhardt <williamehlhardt@gmail.com> parents: 18953 diff changeset	1740
19022 1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1741 gpointer
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1742 purple_certificate_get_handle(void)
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1743 {
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1744 static gint handle;
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1745 return &handle;
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1746 }
1f07f96dc1ce - Add purple_certificate_get_handle William Ehlhardt <williamehlhardt@gmail.com> parents: 19021 diff changeset	1747
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1748 PurpleCertificateScheme *
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1749 purple_certificate_find_scheme(const gchar *name)
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1750 {
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1751 PurpleCertificateScheme *scheme = NULL;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1752 GList *l;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1753
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1754 g_return_val_if_fail(name, NULL);
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1755
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1756 /* Traverse the list of registered schemes and locate the
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1757 one whose name matches */
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1758 for(l = cert_schemes; l; l = l->next) {
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1759 scheme = (PurpleCertificateScheme *)(l->data);
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1760
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1761 /* Name matches? that's our man */
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1762 if(!g_ascii_strcasecmp(scheme->name, name))
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1763 return scheme;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1764 }
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	1765
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1766 purple_debug_warning("certificate",
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1767 "CertificateScheme %s requested but not found.\n",
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1768 name);
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	1769
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1770 /* TODO: Signalling and such? */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1771
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1772 return NULL;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1773 }
17638 668a294f9a72 - Added certificate.[ch] and got them integrated into the build William Ehlhardt <williamehlhardt@gmail.com> parents: diff changeset	1774
19023 eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1775 GList *
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1776 purple_certificate_get_schemes(void)
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1777 {
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1778 return cert_schemes;
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1779 }
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1780
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1781 gboolean
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1782 purple_certificate_register_scheme(PurpleCertificateScheme *scheme)
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1783 {
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1784 g_return_val_if_fail(scheme != NULL, FALSE);
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1785
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1786 /* Make sure no scheme is registered with the same name */
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1787 if (purple_certificate_find_scheme(scheme->name) != NULL) {
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1788 return FALSE;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1789 }
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1790
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1791 /* Okay, we're golden. Register it. */
18972 486563a6bb5c - prepend > append William Ehlhardt <williamehlhardt@gmail.com> parents: 18971 diff changeset	1792 cert_schemes = g_list_prepend(cert_schemes, scheme);
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1793
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1794 /* TODO: Signalling and such? */
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1795
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1796 purple_debug_info("certificate",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1797 "CertificateScheme %s registered\n",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1798 scheme->name);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1799
18192 dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1800 return TRUE;
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface William Ehlhardt <williamehlhardt@gmail.com> parents: 17641 diff changeset	1801 }
18926 8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1802
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1803 gboolean
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1804 purple_certificate_unregister_scheme(PurpleCertificateScheme *scheme)
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1805 {
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1806 if (NULL == scheme) {
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1807 purple_debug_warning("certificate",
18973 28673b6fb8a2 - Fix some errors and return values William Ehlhardt <williamehlhardt@gmail.com> parents: 18972 diff changeset	1808 "Attempting to unregister NULL scheme\n");
28673b6fb8a2 - Fix some errors and return values William Ehlhardt <williamehlhardt@gmail.com> parents: 18972 diff changeset	1809 return FALSE;
18926 8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1810 }
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1811
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1812 /* TODO: signalling? */
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1813
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1814 /* TODO: unregister all CertificateVerifiers for this scheme?*/
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1815 /* TODO: unregister all CertificatePools for this scheme? */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1816 /* Neither of the above should be necessary, though */
18926 8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1817 cert_schemes = g_list_remove(cert_schemes, scheme);
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1818
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1819 purple_debug_info("certificate",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1820 "CertificateScheme %s unregistered\n",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1821 scheme->name);
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1822
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1823
18926 8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1824 return TRUE;
8c4d52bc0319 - Add unregister_scheme William Ehlhardt <williamehlhardt@gmail.com> parents: 18192 diff changeset	1825 }
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1826
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1827 PurpleCertificateVerifier *
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1828 purple_certificate_find_verifier(const gchar scheme_name, const gchar ver_name)
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1829 {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1830 PurpleCertificateVerifier *vr = NULL;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1831 GList *l;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1832
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1833 g_return_val_if_fail(scheme_name, NULL);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1834 g_return_val_if_fail(ver_name, NULL);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1835
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1836 /* Traverse the list of registered verifiers and locate the
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1837 one whose name matches */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1838 for(l = cert_verifiers; l; l = l->next) {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1839 vr = (PurpleCertificateVerifier *)(l->data);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1840
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1841 /* Scheme and name match? */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1842 if(!g_ascii_strcasecmp(vr->scheme_name, scheme_name) &&
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1843 !g_ascii_strcasecmp(vr->name, ver_name))
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1844 return vr;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1845 }
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1846
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1847 purple_debug_warning("certificate",
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1848 "CertificateVerifier %s, %s requested but not found.\n",
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1849 scheme_name, ver_name);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1850
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1851 /* TODO: Signalling and such? */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1852
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1853 return NULL;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1854 }
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1855
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1856
19023 eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1857 GList *
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1858 purple_certificate_get_verifiers(void)
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1859 {
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1860 return cert_verifiers;
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1861 }
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1862
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1863 gboolean
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1864 purple_certificate_register_verifier(PurpleCertificateVerifier *vr)
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1865 {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1866 g_return_val_if_fail(vr != NULL, FALSE);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1867
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1868 /* Make sure no verifier is registered with the same scheme/name */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1869 if (purple_certificate_find_verifier(vr->scheme_name, vr->name) != NULL) {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1870 return FALSE;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1871 }
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1872
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1873 /* Okay, we're golden. Register it. */
18972 486563a6bb5c - prepend > append William Ehlhardt <williamehlhardt@gmail.com> parents: 18971 diff changeset	1874 cert_verifiers = g_list_prepend(cert_verifiers, vr);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1875
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1876 /* TODO: Signalling and such? */
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1877
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1878 purple_debug_info("certificate",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1879 "CertificateVerifier %s registered\n",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1880 vr->name);
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1881 return TRUE;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1882 }
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1883
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1884 gboolean
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1885 purple_certificate_unregister_verifier(PurpleCertificateVerifier *vr)
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1886 {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1887 if (NULL == vr) {
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1888 purple_debug_warning("certificate",
18973 28673b6fb8a2 - Fix some errors and return values William Ehlhardt <williamehlhardt@gmail.com> parents: 18972 diff changeset	1889 "Attempting to unregister NULL verifier\n");
28673b6fb8a2 - Fix some errors and return values William Ehlhardt <williamehlhardt@gmail.com> parents: 18972 diff changeset	1890 return FALSE;
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1891 }
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1892
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1893 /* TODO: signalling? */
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1894
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1895 cert_verifiers = g_list_remove(cert_verifiers, vr);
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1896
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1897
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1898 purple_debug_info("certificate",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1899 "CertificateVerifier %s unregistered\n",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1900 vr->name);
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1901
18941 425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1902 return TRUE;
425f494bd1ec - CertificateVerifier register/unregister/find William Ehlhardt <williamehlhardt@gmail.com> parents: 18926 diff changeset	1903 }
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1904
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1905 PurpleCertificatePool *
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1906 purple_certificate_find_pool(const gchar scheme_name, const gchar pool_name)
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1907 {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1908 PurpleCertificatePool *pool = NULL;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1909 GList *l;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1910
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1911 g_return_val_if_fail(scheme_name, NULL);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1912 g_return_val_if_fail(pool_name, NULL);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1913
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1914 /* Traverse the list of registered pools and locate the
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1915 one whose name matches */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1916 for(l = cert_pools; l; l = l->next) {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1917 pool = (PurpleCertificatePool *)(l->data);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1918
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1919 /* Scheme and name match? */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1920 if(!g_ascii_strcasecmp(pool->scheme_name, scheme_name) &&
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1921 !g_ascii_strcasecmp(pool->name, pool_name))
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1922 return pool;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1923 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1924
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1925 purple_debug_warning("certificate",
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1926 "CertificatePool %s, %s requested but not found.\n",
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1927 scheme_name, pool_name);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1928
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1929 /* TODO: Signalling and such? */
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	1930
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1931 return NULL;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1932
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1933 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1934
19023 eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1935 GList *
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1936 purple_certificate_get_pools(void)
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1937 {
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1938 return cert_pools;
eb86ff3ba21a - Add get_pools, get_verifiers, and get_schemes William Ehlhardt <williamehlhardt@gmail.com> parents: 19022 diff changeset	1939 }
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1940
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1941 gboolean
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1942 purple_certificate_register_pool(PurpleCertificatePool *pool)
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1943 {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1944 g_return_val_if_fail(pool, FALSE);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1945 g_return_val_if_fail(pool->scheme_name, FALSE);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1946 g_return_val_if_fail(pool->name, FALSE);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1947 g_return_val_if_fail(pool->fullname, FALSE);
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1948
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1949 /* Make sure no pools are registered under this name */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1950 if (purple_certificate_find_pool(pool->scheme_name, pool->name)) {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1951 return FALSE;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1952 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1953
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1954 /* Initialize the pool if needed */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1955 if (pool->init) {
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1956 gboolean success;
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1957
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	1958 success = pool->init();
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1959 if (!success)
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1960 return FALSE;
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1961 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1962
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1963 /* Register the Pool */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1964 cert_pools = g_list_prepend(cert_pools, pool);
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1965
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1966 /* TODO: Emit a signal that the pool got registered */
19044 602295db8e6b - Register the certificate-stored and certificate-deleted signals William Ehlhardt <williamehlhardt@gmail.com> parents: 19034 diff changeset	1967
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1968 PURPLE_DBUS_REGISTER_POINTER(pool, PurpleCertificatePool);
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1969 purple_signal_register(pool, /* Signals emitted from pool */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1970 "certificate-stored",
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1971 purple_marshal_VOID__POINTER_POINTER,
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1972 NULL, /* No callback return value */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1973 2, /* Two non-data arguments */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1974 purple_value_new(PURPLE_TYPE_SUBTYPE,
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1975 PURPLE_SUBTYPE_CERTIFICATEPOOL),
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1976 purple_value_new(PURPLE_TYPE_STRING));
19044 602295db8e6b - Register the certificate-stored and certificate-deleted signals William Ehlhardt <williamehlhardt@gmail.com> parents: 19034 diff changeset	1977
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1978 purple_signal_register(pool, /* Signals emitted from pool */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1979 "certificate-deleted",
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1980 purple_marshal_VOID__POINTER_POINTER,
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1981 NULL, /* No callback return value */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1982 2, /* Two non-data arguments */
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1983 purple_value_new(PURPLE_TYPE_SUBTYPE,
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1984 PURPLE_SUBTYPE_CERTIFICATEPOOL),
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1985 purple_value_new(PURPLE_TYPE_STRING));
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	1986
21655 10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1987 purple_debug_info("certificate",
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1988 "CertificatePool %s registered\n",
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1989 pool->name);
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1990
10a2ac84349d Simplify this a little bit. Most of this change is just removing Mark Doliner <mark@kingant.net> parents: 21561 diff changeset	1991 return TRUE;
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1992 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1993
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1994 gboolean
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1995 purple_certificate_unregister_pool(PurpleCertificatePool *pool)
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1996 {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1997 if (NULL == pool) {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1998 purple_debug_warning("certificate",
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	1999 "Attempting to unregister NULL pool\n");
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2000 return FALSE;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2001 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2002
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2003 /* Check that the pool is registered */
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2004 if (!g_list_find(cert_pools, pool)) {
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2005 purple_debug_warning("certificate",
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2006 "Pool to unregister isn't registered!\n");
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2007
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2008 return FALSE;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2009 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2010
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2011 /* Uninit the pool if needed */
19517 7bea9c9fd2a5 (Un)Register the pools with DBus to avoid a runtime fit. Sadrul Habib Chowdhury <imadil@gmail.com> parents: 19515 diff changeset	2012 PURPLE_DBUS_UNREGISTER_POINTER(pool);
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2013 if (pool->uninit) {
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 diff changeset	2014 pool->uninit();
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2015 }
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2016
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2017 cert_pools = g_list_remove(cert_pools, pool);
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	2018
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2019 /* TODO: Signalling? */
19044 602295db8e6b - Register the certificate-stored and certificate-deleted signals William Ehlhardt <williamehlhardt@gmail.com> parents: 19034 diff changeset	2020 purple_signal_unregister(pool, "certificate-stored");
602295db8e6b - Register the certificate-stored and certificate-deleted signals William Ehlhardt <williamehlhardt@gmail.com> parents: 19034 diff changeset	2021 purple_signal_unregister(pool, "certificate-deleted");
25415 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25385 diff changeset	2022
19063 2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	2023 purple_debug_info("certificate",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	2024 "CertificatePool %s unregistered\n",
2f51578e6602 - Add debugging babble for registers/unregisters William Ehlhardt <williamehlhardt@gmail.com> parents: 19060 diff changeset	2025 pool->name);
18971 898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2026 return TRUE;
898e2bd70f23 - Add find, register, and unregister for CertificatePools William Ehlhardt <williamehlhardt@gmail.com> parents: 18964 diff changeset	2027 }
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2028
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2029 /****************************************************************************/
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2030 /* Scheme-specific functions */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2031 /****************************************************************************/
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2032
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2033 void
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2034 purple_certificate_display_x509(PurpleCertificate *crt)
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2035 {
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2036 gchar *sha_asc;
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2037 GByteArray *sha_bin;
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2038 gchar *cn;
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2039 time_t activation, expiration;
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2040 gchar activ_str, expir_str;
19332 6e0521bb0853 - Fix some g_free()s of string constants that caused crashing William Ehlhardt <williamehlhardt@gmail.com> parents: 19331 diff changeset	2041 gchar *secondary;
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2042
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2043 /* Pull out the SHA1 checksum */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2044 sha_bin = purple_certificate_get_fingerprint_sha1(crt);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2045 /* Now decode it for display */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2046 sha_asc = purple_base16_encode_chunked(sha_bin->data,
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2047 sha_bin->len);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2048
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2049 /* Get the cert Common Name */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2050 /* TODO: Will break on CA certs */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2051 cn = purple_certificate_get_subject_name(crt);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2052
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2053 /* Get the certificate times */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2054 /* TODO: Check the times against localtime */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2055 /* TODO: errorcheck? */
19553 f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	2056 if (!purple_certificate_get_times(crt, &activation, &expiration)) {
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	2057 purple_debug_error("certificate",
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	2058 "Failed to get certificate times!\n");
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	2059 activation = expiration = 0;
f36d0d2bf6f2 - Remove g_assert()s. Fixes #2859 William Ehlhardt <williamehlhardt@gmail.com> parents: 19534 diff changeset	2060 }
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2061 activ_str = g_strdup(ctime(&activation));
d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2062 expir_str = g_strdup(ctime(&expiration));
d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2063
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2064 /* Make messages */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2065 secondary = g_strdup_printf(_("Common name: %s\n\n"
24212 e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2066 "Fingerprint (SHA1): %s\n\n"
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2067 "Activation date: %s\n"
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2068 "Expiration date: %s\n"),
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2069 cn ? cn : "(null)",
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2070 sha_asc ? sha_asc : "(null)",
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2071 activ_str ? activ_str : "(null)",
e265e7066598 Fix a printf("%s", NULL). Fixes #7289. Daniel Atallah <daniel.atallah@gmail.com> parents: 23917 diff changeset	2072 expir_str ? expir_str : "(null)");
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2073
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2074 /* Make a semi-pretty display */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2075 purple_notify_info(
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2076 NULL, /* TODO: Find what the handle ought to be */
19332 6e0521bb0853 - Fix some g_free()s of string constants that caused crashing William Ehlhardt <williamehlhardt@gmail.com> parents: 19331 diff changeset	2077 _("Certificate Information"),
6e0521bb0853 - Fix some g_free()s of string constants that caused crashing William Ehlhardt <williamehlhardt@gmail.com> parents: 19331 diff changeset	2078 "",
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2079 secondary);
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2080
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2081 /* Cleanup */
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2082 g_free(cn);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2083 g_free(secondary);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2084 g_free(sha_asc);
19504 d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2085 g_free(activ_str);
d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge. Daniel Atallah <daniel.atallah@gmail.com> parents: 19497 diff changeset	2086 g_free(expir_str);
19329 e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2087 g_byte_array_free(sha_bin, TRUE);
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2088 }
e93db0c87b26 - Add purple_certificate_display_x509 William Ehlhardt <williamehlhardt@gmail.com> parents: 19271 diff changeset	2089
21647 a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2090 void purple_certificate_add_ca_search_path(const char *path)
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2091 {
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2092 if (g_list_find_custom(x509_ca_paths, path, (GCompareFunc)strcmp))
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2093 return;
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2094 x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(path));
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2095 }
a57adf1de9cb Patch from Florian Qu��ze (the InstantBird dude) to add a search path for Sadrul Habib Chowdhury <imadil@gmail.com> parents: 21561 diff changeset	2096

Mercurial > pidgin.yaz

annotate libpurple/certificate.c @ 28356:aa098151ca49