Mercurial > pidgin.yaz
annotate libpurple/certificate.c @ 28356:aa098151ca49
applied changes from c55cc517cc0bc09b677222a63f5f466531033719
through 51ea62d1cdee93a0f6ab96f22d28cbe07ea5d13b
Plucked revision 51ea62d1cdee93a0f6ab96f22d28cbe07ea5d13b from im.pidgin.pidgin.2.6.1
Original commit message:
Make sure configure checks for glib and gtk 2.4.0, since that's what
is needed to compile. We took a small vote on IRC or in the
jabber room and we all thought it would be fine to do this rather
than try to make stuff work. We'll see how it goes.
author | Mark Doliner <mark@kingant.net> |
---|---|
date | Wed, 19 Aug 2009 07:39:52 +0000 |
parents | 35f3a79045a6 |
children | b341ae89f5ce |
rev | line source |
---|---|
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1 /** |
19075 | 2 * @file certificate.c Public-Key Certificate API |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
3 * @ingroup core |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
4 */ |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
5 |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
6 /* |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
7 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
8 * purple |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
9 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
10 * Purple is the legal property of its developers, whose names are too numerous |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
11 * to list here. Please refer to the COPYRIGHT file distributed with this |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
12 * source distribution. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
13 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
14 * This program is free software; you can redistribute it and/or modify |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
15 * it under the terms of the GNU General Public License as published by |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
16 * the Free Software Foundation; either version 2 of the License, or |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
17 * (at your option) any later version. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
18 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
19 * This program is distributed in the hope that it will be useful, |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
22 * GNU General Public License for more details. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
23 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
24 * You should have received a copy of the GNU General Public License |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
25 * along with this program; if not, write to the Free Software |
19680
44b4e8bd759b
The FSF changed its address a while ago; our files were out of date.
John Bailey <rekkanoryo@rekkanoryo.org>
parents:
19648
diff
changeset
|
26 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
27 */ |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
28 |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
29 #include <glib.h> |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
30 |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
31 #include "internal.h" |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
32 #include "certificate.h" |
19517
7bea9c9fd2a5
(Un)Register the pools with DBus to avoid a runtime fit.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19515
diff
changeset
|
33 #include "dbus-maybe.h" |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
34 #include "debug.h" |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
35 #include "request.h" |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
36 #include "signals.h" |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
37 #include "util.h" |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
38 |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
39 /** List holding pointers to all registered certificate schemes */ |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
40 static GList *cert_schemes = NULL; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
41 /** List of registered Verifiers */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
42 static GList *cert_verifiers = NULL; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
43 /** List of registered Pools */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
44 static GList *cert_pools = NULL; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
45 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
46 void |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
47 purple_certificate_verify (PurpleCertificateVerifier *verifier, |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
48 const gchar *subject_name, GList *cert_chain, |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
49 PurpleCertificateVerifiedCallback cb, |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
50 gpointer cb_data) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
51 { |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
52 PurpleCertificateVerificationRequest *vrq; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
53 PurpleCertificateScheme *scheme; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
54 |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
55 g_return_if_fail(subject_name != NULL); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
56 /* If you don't have a cert to check, why are you requesting that it |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
57 be verified? */ |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
58 g_return_if_fail(cert_chain != NULL); |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
59 g_return_if_fail(cb != NULL); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
60 |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
61 /* Look up the CertificateScheme */ |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
62 scheme = purple_certificate_find_scheme(verifier->scheme_name); |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
63 g_return_if_fail(scheme); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
64 |
18943
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
65 /* Check that at least the first cert in the chain matches the |
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
66 Verifier scheme */ |
18960
6831c126bcf3
- Fixed an inverted assertion
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18957
diff
changeset
|
67 g_return_if_fail(scheme == |
18943
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
68 ((PurpleCertificate *) (cert_chain->data))->scheme); |
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
69 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
70 /* Construct and fill in the request fields */ |
18949
8902f0d7e40f
- Use g_new0 instead of g_new
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18947
diff
changeset
|
71 vrq = g_new0(PurpleCertificateVerificationRequest, 1); |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
72 vrq->verifier = verifier; |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
73 vrq->scheme = scheme; |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
74 vrq->subject_name = g_strdup(subject_name); |
19021
fcca10d0ac7d
- purple_certificate_verify no longer takes possession of the
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19020
diff
changeset
|
75 vrq->cert_chain = purple_certificate_copy_list(cert_chain); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
76 vrq->cb = cb; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
77 vrq->cb_data = cb_data; |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
78 |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
79 /* Initiate verification */ |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
80 (verifier->start_verification)(vrq); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
81 } |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
82 |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
83 void |
19088
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
84 purple_certificate_verify_complete(PurpleCertificateVerificationRequest *vrq, |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
85 PurpleCertificateVerificationStatus st) |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
86 { |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
87 PurpleCertificateVerifier *vr; |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
88 |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
89 g_return_if_fail(vrq); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
90 |
20747
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
91 if (st == PURPLE_CERTIFICATE_VALID) { |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
92 purple_debug_info("certificate", |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
93 "Successfully verified certificate for %s\n", |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
94 vrq->subject_name); |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
95 } else { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
96 purple_debug_error("certificate", |
20747
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
97 "Failed to verify certificate for %s\n", |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
98 vrq->subject_name); |
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
99 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
100 |
19088
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
101 /* Pass the results on to the request's callback */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
102 (vrq->cb)(st, vrq->cb_data); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
103 |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
104 /* And now to eliminate the request */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
105 /* Fetch the Verifier responsible... */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
106 vr = vrq->verifier; |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
107 /* ...and order it to KILL */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
108 (vr->destroy_request)(vrq); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
109 |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
110 /* Now the internals have been cleaned up, so clean up the libpurple- |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
111 created elements */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
112 g_free(vrq->subject_name); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
113 purple_certificate_destroy_list(vrq->cert_chain); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
114 |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
115 /* A structure born |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
116 * to much ado |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
117 * and with so much within. |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
118 * It reaches now |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
119 * its quiet end. */ |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
120 g_free(vrq); |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
121 } |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
122 |
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
123 |
19018
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
124 PurpleCertificate * |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
125 purple_certificate_copy(PurpleCertificate *crt) |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
126 { |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
127 g_return_val_if_fail(crt, NULL); |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
128 g_return_val_if_fail(crt->scheme, NULL); |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
129 g_return_val_if_fail(crt->scheme->copy_certificate, NULL); |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
130 |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
131 return (crt->scheme->copy_certificate)(crt); |
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
132 } |
18947
3c6bf77bf7c4
- Add purple_certificate_verify_destroy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18946
diff
changeset
|
133 |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
134 GList * |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
135 purple_certificate_copy_list(GList *crt_list) |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
136 { |
24212
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
137 GList *new_l, *l; |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
138 |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
139 /* First, make a shallow copy of the list */ |
24212
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
140 new_l = g_list_copy(crt_list); |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
141 |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
142 /* Now go through and actually duplicate each certificate */ |
24212
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
143 for (l = new_l; l; l = l->next) { |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
144 l->data = purple_certificate_copy(l->data); |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
145 } |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
146 |
24212
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
147 return new_l; |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
148 } |
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
149 |
18947
3c6bf77bf7c4
- Add purple_certificate_verify_destroy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18946
diff
changeset
|
150 void |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
151 purple_certificate_destroy (PurpleCertificate *crt) |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
152 { |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
153 PurpleCertificateScheme *scheme; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
154 |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
155 if (NULL == crt) return; |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
156 |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
157 scheme = crt->scheme; |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
158 |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
159 (scheme->destroy_certificate)(crt); |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
160 } |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
161 |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
162 void |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
163 purple_certificate_destroy_list (GList * crt_list) |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
164 { |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
165 PurpleCertificate *crt; |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
166 GList *l; |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
167 |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
168 for (l=crt_list; l; l = l->next) { |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
169 crt = (PurpleCertificate *) l->data; |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
170 purple_certificate_destroy(crt); |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
171 } |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
172 |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
173 g_list_free(crt_list); |
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
174 } |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
175 |
19076
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
176 gboolean |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
177 purple_certificate_signed_by(PurpleCertificate *crt, PurpleCertificate *issuer) |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
178 { |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
179 PurpleCertificateScheme *scheme; |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
180 |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
181 g_return_val_if_fail(crt, FALSE); |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
182 g_return_val_if_fail(issuer, FALSE); |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
183 |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
184 scheme = crt->scheme; |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
185 g_return_val_if_fail(scheme, FALSE); |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
186 /* We can't compare two certs of unrelated schemes, obviously */ |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
187 g_return_val_if_fail(issuer->scheme == scheme, FALSE); |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
188 |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
189 return (scheme->signed_by)(crt, issuer); |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
190 } |
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
191 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
192 gboolean |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
193 purple_certificate_check_signature_chain_with_failing(GList *chain, |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
194 PurpleCertificate **failing) |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
195 { |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
196 GList *cur; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
197 PurpleCertificate *crt, *issuer; |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
198 gchar *uid; |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
199 time_t now, activation, expiration; |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
200 gboolean ret; |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
201 |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
202 g_return_val_if_fail(chain, FALSE); |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
203 |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
204 if (failing) |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
205 *failing = NULL; |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
206 |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
207 uid = purple_certificate_get_unique_id((PurpleCertificate *) chain->data); |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
208 purple_debug_info("certificate", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
209 "Checking signature chain for uid=%s\n", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
210 uid); |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
211 g_free(uid); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
212 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
213 /* If this is a single-certificate chain, say that it is valid */ |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
214 if (chain->next == NULL) { |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
215 purple_debug_info("certificate", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
216 "...Singleton. We'll say it's valid.\n"); |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
217 return TRUE; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
218 } |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
219 |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
220 now = time(NULL); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
221 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
222 /* Load crt with the first certificate */ |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
223 crt = (PurpleCertificate *)(chain->data); |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
224 /* And start with the second certificate in the chain */ |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
225 for ( cur = chain->next; cur; cur = cur->next ) { |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
226 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
227 issuer = (PurpleCertificate *)(cur->data); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
228 |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
229 uid = purple_certificate_get_unique_id(issuer); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
230 |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
231 ret = purple_certificate_get_times(issuer, &activation, &expiration); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
232 if (!ret || now < activation || now > expiration) { |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
233 if (!ret) |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
234 purple_debug_error("certificate", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
235 "...Failed to get validity times for certificate %s\n" |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
236 "Chain is INVALID\n", uid); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
237 else if (now > expiration) |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
238 purple_debug_error("certificate", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
239 "...Issuer %s expired at %s\nChain is INVALID\n", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
240 uid, ctime(&expiration)); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
241 else |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
242 purple_debug_error("certificate", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
243 "...Not-yet-activated issuer %s will be valid at %s\n" |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
244 "Chain is INVALID\n", uid, ctime(&activation)); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
245 |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
246 if (failing) |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
247 *failing = crt; |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
248 |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
249 g_free(uid); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
250 return FALSE; |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
251 } |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
252 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
253 /* Check the signature for this link */ |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
254 if (! purple_certificate_signed_by(crt, issuer) ) { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
255 purple_debug_error("certificate", |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
256 "...Bad or missing signature by %s\nChain is INVALID\n", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
257 uid); |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
258 g_free(uid); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
259 |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
260 if (failing) |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
261 *failing = crt; |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
262 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
263 return FALSE; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
264 } |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
265 |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
266 purple_debug_info("certificate", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
267 "...Good signature by %s\n", |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
268 uid); |
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
269 g_free(uid); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
270 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
271 /* The issuer is now the next crt whose signature is to be |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
272 checked */ |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
273 crt = issuer; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
274 } |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
275 |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
276 /* If control reaches this point, the chain is valid */ |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
277 purple_debug_info("certificate", "Chain is VALID\n"); |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
278 return TRUE; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
279 } |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
280 |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
281 gboolean |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
282 purple_certificate_check_signature_chain(GList *chain) |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
283 { |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
284 return purple_certificate_check_signature_chain_with_failing(chain, NULL); |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
285 } |
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
286 |
18988
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
287 PurpleCertificate * |
18989
43d1ee6a3ed5
- Fixed naming issues in previous revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18988
diff
changeset
|
288 purple_certificate_import(PurpleCertificateScheme *scheme, const gchar *filename) |
18988
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
289 { |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
290 g_return_val_if_fail(scheme, NULL); |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
291 g_return_val_if_fail(scheme->import_certificate, NULL); |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
292 g_return_val_if_fail(filename, NULL); |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
293 |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
294 return (scheme->import_certificate)(filename); |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
295 } |
4189fc3befba
- Add purple_certificate_import
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18987
diff
changeset
|
296 |
18977
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
297 gboolean |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
298 purple_certificate_export(const gchar *filename, PurpleCertificate *crt) |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
299 { |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
300 PurpleCertificateScheme *scheme; |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
301 |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
302 g_return_val_if_fail(filename, FALSE); |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
303 g_return_val_if_fail(crt, FALSE); |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
304 g_return_val_if_fail(crt->scheme, FALSE); |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
305 |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
306 scheme = crt->scheme; |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
307 g_return_val_if_fail(scheme->export_certificate, FALSE); |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
308 |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
309 return (scheme->export_certificate)(filename, crt); |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
310 } |
31bdbb82de7e
- Add purple_certificate_export and associated libpurple stuff
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18976
diff
changeset
|
311 |
27997
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
312 static gboolean |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
313 byte_arrays_equal(const GByteArray *array1, const GByteArray *array2) |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
314 { |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
315 g_return_val_if_fail(array1 != NULL, FALSE); |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
316 g_return_val_if_fail(array2 != NULL, FALSE); |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
317 |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
318 return (array1->len == array2->len) && |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
319 (0 == memcmp(array1->data, array2->data, array1->len)); |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
320 } |
4c5f35f2b1ff
A better solution for verifying certificate chains with NSS 3.12.3.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
321 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
322 GByteArray * |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
323 purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt) |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
324 { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
325 PurpleCertificateScheme *scheme; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
326 GByteArray *fpr; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
327 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
328 g_return_val_if_fail(crt, NULL); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
329 g_return_val_if_fail(crt->scheme, NULL); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
330 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
331 scheme = crt->scheme; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
332 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
333 g_return_val_if_fail(scheme->get_fingerprint_sha1, NULL); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
334 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
335 fpr = (scheme->get_fingerprint_sha1)(crt); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
336 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
337 return fpr; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
338 } |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
339 |
18962
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
340 gchar * |
19080
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
341 purple_certificate_get_unique_id(PurpleCertificate *crt) |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
342 { |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
343 g_return_val_if_fail(crt, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
344 g_return_val_if_fail(crt->scheme, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
345 g_return_val_if_fail(crt->scheme->get_unique_id, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
346 |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
347 return (crt->scheme->get_unique_id)(crt); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
348 } |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
349 |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
350 gchar * |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
351 purple_certificate_get_issuer_unique_id(PurpleCertificate *crt) |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
352 { |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
353 g_return_val_if_fail(crt, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
354 g_return_val_if_fail(crt->scheme, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
355 g_return_val_if_fail(crt->scheme->get_issuer_unique_id, NULL); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
356 |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
357 return (crt->scheme->get_issuer_unique_id)(crt); |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
358 } |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
359 |
3bdede51c007
- Expose get_unique_id and get_issuer_unique_id through libpurple functions
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19078
diff
changeset
|
360 gchar * |
18962
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
361 purple_certificate_get_subject_name(PurpleCertificate *crt) |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
362 { |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
363 PurpleCertificateScheme *scheme; |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
364 gchar *subject_name; |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
365 |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
366 g_return_val_if_fail(crt, NULL); |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
367 g_return_val_if_fail(crt->scheme, NULL); |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
368 |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
369 scheme = crt->scheme; |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
370 |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
371 g_return_val_if_fail(scheme->get_subject_name, NULL); |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
372 |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
373 subject_name = (scheme->get_subject_name)(crt); |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
374 |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
375 return subject_name; |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
376 } |
fcd05c39803e
- Add purple_certificate_get_subject_name and associated libpurple
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18960
diff
changeset
|
377 |
19008
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
378 gboolean |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
379 purple_certificate_check_subject_name(PurpleCertificate *crt, const gchar *name) |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
380 { |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
381 PurpleCertificateScheme *scheme; |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
382 |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
383 g_return_val_if_fail(crt, FALSE); |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
384 g_return_val_if_fail(crt->scheme, FALSE); |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
385 g_return_val_if_fail(name, FALSE); |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
386 |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
387 scheme = crt->scheme; |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
388 |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
389 g_return_val_if_fail(scheme->check_subject_name, FALSE); |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
390 |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
391 return (scheme->check_subject_name)(crt, name); |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
392 } |
7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19001
diff
changeset
|
393 |
19012
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
394 gboolean |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
395 purple_certificate_get_times(PurpleCertificate *crt, time_t *activation, time_t *expiration) |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
396 { |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
397 PurpleCertificateScheme *scheme; |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
398 |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
399 g_return_val_if_fail(crt, FALSE); |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
400 |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
401 scheme = crt->scheme; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
402 |
19012
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
403 g_return_val_if_fail(scheme, FALSE); |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
404 |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
405 /* If both provided references are NULL, what are you doing calling |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
406 this? */ |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
407 g_return_val_if_fail( (activation != NULL) || (expiration != NULL), FALSE); |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
408 |
19067
6c0aad79c4c5
- Change the internal structure of activation/expiration times to match
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19063
diff
changeset
|
409 /* Throw the request on down to the certscheme */ |
6c0aad79c4c5
- Change the internal structure of activation/expiration times to match
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19063
diff
changeset
|
410 return (scheme->get_times)(crt, activation, expiration); |
19012
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
411 } |
b1090cbfc286
- Add expiration/activation functions for Certificates
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
412 |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
413 gchar * |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
414 purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id) |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
415 { |
19010
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
416 gchar *path; |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
417 gchar *esc_scheme_name, *esc_name, *esc_id; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
418 |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
419 g_return_val_if_fail(pool, NULL); |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
420 g_return_val_if_fail(pool->scheme_name, NULL); |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
421 g_return_val_if_fail(pool->name, NULL); |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
422 |
19010
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
423 /* Escape all the elements for filesystem-friendliness */ |
19033
6b4e874e47c1
- Handle NULLs given to certificate_pool_mkpath without causing errors
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19027
diff
changeset
|
424 esc_scheme_name = pool ? g_strdup(purple_escape_filename(pool->scheme_name)) : NULL; |
6b4e874e47c1
- Handle NULLs given to certificate_pool_mkpath without causing errors
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19027
diff
changeset
|
425 esc_name = pool ? g_strdup(purple_escape_filename(pool->name)) : NULL; |
6b4e874e47c1
- Handle NULLs given to certificate_pool_mkpath without causing errors
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19027
diff
changeset
|
426 esc_id = id ? g_strdup(purple_escape_filename(id)) : NULL; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
427 |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
428 path = g_build_filename(purple_user_dir(), |
18986
dfd9f883b774
- Correct the certstore folder paths
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18985
diff
changeset
|
429 "certificates", /* TODO: constantize this? */ |
19010
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
430 esc_scheme_name, |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
431 esc_name, |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
432 esc_id, |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
433 NULL); |
19009
b64aa0222a7a
- pool_mkpath now runs purple_escape_filename on its return value
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
434 |
19010
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
435 g_free(esc_scheme_name); |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
436 g_free(esc_name); |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
437 g_free(esc_id); |
0d4b84820390
- Fix overzealous escaping cause by ancestor revision
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
438 return path; |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
439 } |
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
440 |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
441 gboolean |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
442 purple_certificate_pool_usable(PurpleCertificatePool *pool) |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
443 { |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
444 g_return_val_if_fail(pool, FALSE); |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
445 g_return_val_if_fail(pool->scheme_name, FALSE); |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
446 |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
447 /* Check that the pool's scheme is loaded */ |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
448 if (purple_certificate_find_scheme(pool->scheme_name) == NULL) { |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
449 return FALSE; |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
450 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
451 |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
452 return TRUE; |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
453 } |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
454 |
19060
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
455 PurpleCertificateScheme * |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
456 purple_certificate_pool_get_scheme(PurpleCertificatePool *pool) |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
457 { |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
458 g_return_val_if_fail(pool, NULL); |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
459 g_return_val_if_fail(pool->scheme_name, NULL); |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
460 |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
461 return purple_certificate_find_scheme(pool->scheme_name); |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
462 } |
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
463 |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
464 gboolean |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
465 purple_certificate_pool_contains(PurpleCertificatePool *pool, const gchar *id) |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
466 { |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
467 g_return_val_if_fail(pool, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
468 g_return_val_if_fail(id, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
469 g_return_val_if_fail(pool->cert_in_pool, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
470 |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
471 return (pool->cert_in_pool)(id); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
472 } |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
473 |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
474 PurpleCertificate * |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
475 purple_certificate_pool_retrieve(PurpleCertificatePool *pool, const gchar *id) |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
476 { |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
477 g_return_val_if_fail(pool, NULL); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
478 g_return_val_if_fail(id, NULL); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
479 g_return_val_if_fail(pool->get_cert, NULL); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
480 |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
481 return (pool->get_cert)(id); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
482 } |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
483 |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
484 gboolean |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
485 purple_certificate_pool_store(PurpleCertificatePool *pool, const gchar *id, PurpleCertificate *crt) |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
486 { |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
487 gboolean ret = FALSE; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
488 |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
489 g_return_val_if_fail(pool, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
490 g_return_val_if_fail(id, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
491 g_return_val_if_fail(pool->put_cert, FALSE); |
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
492 |
18996
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
493 /* Whether crt->scheme matches find_scheme(pool->scheme_name) is not |
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
494 relevant... I think... */ |
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
495 g_return_val_if_fail( |
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
496 g_ascii_strcasecmp(pool->scheme_name, crt->scheme->name) == 0, |
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
497 FALSE); |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
498 |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
499 ret = (pool->put_cert)(id, crt); |
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
500 |
19050
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
501 /* Signal that the certificate was stored if success*/ |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
502 if (ret) { |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
503 purple_signal_emit(pool, "certificate-stored", |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
504 pool, id); |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
505 } |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
506 |
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
507 return ret; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
508 } |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
509 |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
510 gboolean |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
511 purple_certificate_pool_delete(PurpleCertificatePool *pool, const gchar *id) |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
512 { |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
513 gboolean ret = FALSE; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
514 |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
515 g_return_val_if_fail(pool, FALSE); |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
516 g_return_val_if_fail(id, FALSE); |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
517 g_return_val_if_fail(pool->delete_cert, FALSE); |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
518 |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
519 ret = (pool->delete_cert)(id); |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
520 |
19050
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
521 /* Signal that the certificate was deleted if success */ |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
522 if (ret) { |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
523 purple_signal_emit(pool, "certificate-deleted", |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
524 pool, id); |
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
525 } |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
526 |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
527 return ret; |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
528 } |
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
529 |
19026
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
530 GList * |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
531 purple_certificate_pool_get_idlist(PurpleCertificatePool *pool) |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
532 { |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
533 g_return_val_if_fail(pool, NULL); |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
534 g_return_val_if_fail(pool->get_idlist, NULL); |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
535 |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
536 return (pool->get_idlist)(); |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
537 } |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
538 |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
539 void |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
540 purple_certificate_pool_destroy_idlist(GList *idlist) |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
541 { |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
542 GList *l; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
543 |
19026
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
544 /* Iterate through and free them strings */ |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
545 for ( l = idlist; l; l = l->next ) { |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
546 g_free(l->data); |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
547 } |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
548 |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
549 g_list_free(idlist); |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
550 } |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
551 |
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
552 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
553 /****************************************************************************/ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
554 /* Builtin Verifiers, Pools, etc. */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
555 /****************************************************************************/ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
556 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
557 static void |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
558 x509_singleuse_verify_cb (PurpleCertificateVerificationRequest *vrq, gint id) |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
559 { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
560 g_return_if_fail(vrq); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
561 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
562 purple_debug_info("certificate/x509_singleuse", |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
563 "VRQ on cert from %s gave %d\n", |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
564 vrq->subject_name, id); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
565 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
566 /* Signal what happened back to the caller */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
567 if (1 == id) { |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
568 /* Accepted! */ |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
569 purple_certificate_verify_complete(vrq, |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
570 PURPLE_CERTIFICATE_VALID); |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
571 } else { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
572 /* Not accepted */ |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
573 purple_certificate_verify_complete(vrq, |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
574 PURPLE_CERTIFICATE_INVALID); |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
575 |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
576 } |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
577 } |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
578 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
579 static void |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
580 x509_singleuse_start_verify (PurpleCertificateVerificationRequest *vrq) |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
581 { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
582 gchar *sha_asc; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
583 GByteArray *sha_bin; |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
584 gchar *cn; |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
585 const gchar *cn_match; |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
586 gchar *primary, *secondary; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
587 PurpleCertificate *crt = (PurpleCertificate *) vrq->cert_chain->data; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
588 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
589 /* Pull out the SHA1 checksum */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
590 sha_bin = purple_certificate_get_fingerprint_sha1(crt); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
591 /* Now decode it for display */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
592 sha_asc = purple_base16_encode_chunked(sha_bin->data, |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
593 sha_bin->len); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
594 |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
595 /* Get the cert Common Name */ |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
596 cn = purple_certificate_get_subject_name(crt); |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
597 |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
598 /* Determine whether the name matches */ |
19496
004c3e257bd0
- Even more TODO whacking
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19495
diff
changeset
|
599 if (purple_certificate_check_subject_name(crt, vrq->subject_name)) { |
20270
d94432a338ab
Translating the empty string is a bad idea.
Richard Laager <rlaager@wiktel.com>
parents:
20248
diff
changeset
|
600 cn_match = ""; |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
601 } else { |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
602 cn_match = _("(DOES NOT MATCH)"); |
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
603 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
604 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
605 /* Make messages */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
606 primary = g_strdup_printf(_("%s has presented the following certificate for just-this-once use:"), vrq->subject_name); |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
607 secondary = g_strdup_printf(_("Common name: %s %s\nFingerprint (SHA1): %s"), cn, cn_match, sha_asc); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
608 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
609 /* Make a semi-pretty display */ |
21099
51cf02dbdb0e
disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479'
Richard Laager <rlaager@wiktel.com>
parents:
21095
diff
changeset
|
610 purple_request_accept_cancel( |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
611 vrq->cb_data, /* TODO: Find what the handle ought to be */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
612 _("Single-use Certificate Verification"), |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
613 primary, |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
614 secondary, |
22143
70fc60344317
A few more of those "default_action" fixes
Mark Doliner <mark@kingant.net>
parents:
22142
diff
changeset
|
615 0, /* Accept by default */ |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
616 NULL, /* No account */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
617 NULL, /* No other user */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
618 NULL, /* No associated conversation */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
619 vrq, |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
620 x509_singleuse_verify_cb, |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
621 x509_singleuse_verify_cb ); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
622 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
623 /* Cleanup */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
624 g_free(primary); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
625 g_free(secondary); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
626 g_free(sha_asc); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
627 g_byte_array_free(sha_bin, TRUE); |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
628 } |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
629 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
630 static void |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
631 x509_singleuse_destroy_request (PurpleCertificateVerificationRequest *vrq) |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
632 { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
633 /* I don't do anything! */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
634 } |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
635 |
22576
54e5371a6d5d
Make x509_singleuse static
Stu Tomlinson <stu@nosnilmot.com>
parents:
22475
diff
changeset
|
636 static PurpleCertificateVerifier x509_singleuse = { |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
637 "x509", /* Scheme name */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
638 "singleuse", /* Verifier name */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
639 x509_singleuse_start_verify, /* start_verification function */ |
19648
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
640 x509_singleuse_destroy_request, /* Request cleanup operation */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
641 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
642 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
643 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
644 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
645 NULL |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
646 }; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
647 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
648 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
649 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
650 /***** X.509 Certificate Authority pool, keyed by Distinguished Name *****/ |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
651 /* This is implemented in what may be the most inefficient and bugprone way |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
652 possible; however, future optimizations should not be difficult. */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
653 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
654 static PurpleCertificatePool x509_ca; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
655 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
656 /** Holds a key-value pair for quickish certificate lookup */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
657 typedef struct { |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
658 gchar *dn; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
659 PurpleCertificate *crt; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
660 } x509_ca_element; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
661 |
19207
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
662 static void |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
663 x509_ca_element_free(x509_ca_element *el) |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
664 { |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
665 if (NULL == el) return; |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
666 |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
667 g_free(el->dn); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
668 purple_certificate_destroy(el->crt); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
669 g_free(el); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
670 } |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
671 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
672 /** System directory to probe for CA certificates */ |
19271
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
673 /* This is set in the lazy_init function */ |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
674 static GList *x509_ca_paths = NULL; |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
675 |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
676 /** A list of loaded CAs, populated from the above path whenever the lazy_init |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
677 happens. Contains pointers to x509_ca_elements */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
678 static GList *x509_ca_certs = NULL; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
679 |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
680 /** Used for lazy initialization purposes. */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
681 static gboolean x509_ca_initialized = FALSE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
682 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
683 /** Adds a certificate to the in-memory cache, doing nothing else */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
684 static gboolean |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
685 x509_ca_quiet_put_cert(PurpleCertificate *crt) |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
686 { |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
687 x509_ca_element *el; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
688 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
689 /* lazy_init calls this function, so calling lazy_init here is a |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
690 Bad Thing */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
691 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
692 g_return_val_if_fail(crt, FALSE); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
693 g_return_val_if_fail(crt->scheme, FALSE); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
694 /* Make sure that this is some kind of X.509 certificate */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
695 /* TODO: Perhaps just check crt->scheme->name instead? */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
696 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_ca.scheme_name), FALSE); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
697 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
698 el = g_new0(x509_ca_element, 1); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
699 el->dn = purple_certificate_get_unique_id(crt); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
700 el->crt = purple_certificate_copy(crt); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
701 x509_ca_certs = g_list_prepend(x509_ca_certs, el); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
702 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
703 return TRUE; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
704 } |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
705 |
19271
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
706 /* Since the libpurple CertificatePools get registered before plugins are |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
707 loaded, an X.509 Scheme is generally not available when x509_ca_init is |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
708 called, but x509_ca requires X.509 operations in order to properly load. |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
709 |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
710 To solve this, I present the lazy_init function. It attempts to finish |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
711 initialization of the Pool, but it usually fails when it is called from |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
712 x509_ca_init. However, this is OK; initialization is then simply deferred |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
713 until someone tries to use functions from the pool. */ |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
714 static gboolean |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
715 x509_ca_lazy_init(void) |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
716 { |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
717 PurpleCertificateScheme *x509; |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
718 GDir *certdir; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
719 const gchar *entry; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
720 GPatternSpec *pempat; |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
721 GList *iter = NULL; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
722 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
723 if (x509_ca_initialized) return TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
724 |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
725 /* Check that X.509 is registered */ |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
726 x509 = purple_certificate_find_scheme(x509_ca.scheme_name); |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
727 if ( !x509 ) { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
728 purple_debug_warning("certificate/x509/ca", |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
729 "Lazy init failed because an X.509 Scheme " |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
730 "is not yet registered. Maybe it will be " |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
731 "better later.\n"); |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
732 return FALSE; |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
733 } |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
734 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
735 /* Use a glob to only read .pem files */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
736 pempat = g_pattern_spec_new("*.pem"); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
737 |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
738 /* Populate the certificates pool from the search path(s) */ |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
739 for (iter = x509_ca_paths; iter; iter = iter->next) { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
740 certdir = g_dir_open(iter->data, 0, NULL); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
741 if (!certdir) { |
22475
3225c99785b8
Fix a bunch of compiler warnings caused by my addition of G_GNUC_PRINTF()
Mark Doliner <mark@kingant.net>
parents:
22143
diff
changeset
|
742 purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
743 continue; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
744 } |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
745 |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
746 while ( (entry = g_dir_read_name(certdir)) ) { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
747 gchar *fullpath; |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
748 PurpleCertificate *crt; |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
749 |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
750 if ( !g_pattern_match_string(pempat, entry) ) { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
751 continue; |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
752 } |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
753 |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
754 fullpath = g_build_filename(iter->data, entry, NULL); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
755 |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
756 /* TODO: Respond to a failure in the following? */ |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
757 crt = purple_certificate_import(x509, fullpath); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
758 |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
759 if (x509_ca_quiet_put_cert(crt)) { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
760 purple_debug_info("certificate/x509/ca", |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
761 "Loaded %s\n", |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
762 fullpath); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
763 } else { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
764 purple_debug_error("certificate/x509/ca", |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
765 "Failed to load %s\n", |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
766 fullpath); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
767 } |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
768 |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
769 purple_certificate_destroy(crt); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
770 g_free(fullpath); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
771 } |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
772 g_dir_close(certdir); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
773 } |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
774 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
775 g_pattern_spec_free(pempat); |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
776 |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
777 purple_debug_info("certificate/x509/ca", |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
778 "Lazy init completed.\n"); |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
779 x509_ca_initialized = TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
780 return TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
781 } |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
782 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
783 static gboolean |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
784 x509_ca_init(void) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
785 { |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
786 /* Attempt to point at the appropriate system path */ |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
787 if (NULL == x509_ca_paths) { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
788 #ifdef _WIN32 |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
789 x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR, |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
790 "ca-certs", NULL)); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
791 #else |
23332
390384053186
Add a configure option, --with-ssl-certificates to allow packagers to
Richard Laager <rlaager@wiktel.com>
parents:
23038
diff
changeset
|
792 # ifdef SSL_CERTIFICATES_DIR |
23743
e72e03fb5ef1
Fix a crash on exit when using --with-system-ssl-certs
Mark Doliner <mark@kingant.net>
parents:
23332
diff
changeset
|
793 x509_ca_paths = g_list_append(NULL, g_strdup(SSL_CERTIFICATES_DIR)); |
23332
390384053186
Add a configure option, --with-ssl-certificates to allow packagers to
Richard Laager <rlaager@wiktel.com>
parents:
23038
diff
changeset
|
794 # else |
390384053186
Add a configure option, --with-ssl-certificates to allow packagers to
Richard Laager <rlaager@wiktel.com>
parents:
23038
diff
changeset
|
795 # endif |
24683
d9e3434d6416
uncondtionally install some certificates and use them, References #6680.
Ka-Hing Cheung <khc@hxbc.us>
parents:
24212
diff
changeset
|
796 x509_ca_paths = g_list_append(x509_ca_paths, |
d9e3434d6416
uncondtionally install some certificates and use them, References #6680.
Ka-Hing Cheung <khc@hxbc.us>
parents:
24212
diff
changeset
|
797 g_build_filename(DATADIR, "purple", "ca-certs", NULL)); |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
798 #endif |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
799 } |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
800 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
801 /* Attempt to initialize now, but if it doesn't work, that's OK; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
802 it will get done later */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
803 if ( ! x509_ca_lazy_init()) { |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
804 purple_debug_info("certificate/x509/ca", |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
805 "Init failed, probably because a " |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
806 "dependency is not yet registered. " |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
807 "It has been deferred to later.\n"); |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
808 } |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
809 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
810 return TRUE; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
811 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
812 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
813 static void |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
814 x509_ca_uninit(void) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
815 { |
19202
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
816 GList *l; |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
817 |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
818 for (l = x509_ca_certs; l; l = l->next) { |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
819 x509_ca_element *el = l->data; |
19207
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
820 x509_ca_element_free(el); |
19202
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
821 } |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
822 g_list_free(x509_ca_certs); |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
823 x509_ca_certs = NULL; |
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
824 x509_ca_initialized = FALSE; |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
825 g_list_foreach(x509_ca_paths, (GFunc)g_free, NULL); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
826 g_list_free(x509_ca_paths); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
827 x509_ca_paths = NULL; |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
828 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
829 |
19203
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
830 /** Look up a ca_element by dn */ |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
831 static x509_ca_element * |
19205 | 832 x509_ca_locate_cert(GList *lst, const gchar *dn) |
19203
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
833 { |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
834 GList *cur; |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
835 |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
836 for (cur = lst; cur; cur = cur->next) { |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
837 x509_ca_element *el = cur->data; |
25385
a6e3cb32cdd2
Patch from Paul Aurich to add purple_strequal to help readability and simplicity of code. Ie, don't need to negate the value of strcmp, since this does a strcmp and does the negation for us
Paul Aurich <paul@darkrain42.org>
parents:
24805
diff
changeset
|
838 if (purple_strequal(dn, el->dn)) { |
19203
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
839 return el; |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
840 } |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
841 } |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
842 return NULL; |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
843 } |
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
844 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
845 static gboolean |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
846 x509_ca_cert_in_pool(const gchar *id) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
847 { |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
848 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
849 g_return_val_if_fail(id, FALSE); |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
850 |
19205 | 851 if (x509_ca_locate_cert(x509_ca_certs, id) != NULL) { |
19204
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
852 return TRUE; |
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
853 } else { |
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
854 return FALSE; |
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
855 } |
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
856 |
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
857 return FALSE; |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
858 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
859 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
860 static PurpleCertificate * |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
861 x509_ca_get_cert(const gchar *id) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
862 { |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
863 PurpleCertificate *crt = NULL; |
19206
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
864 x509_ca_element *el; |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
865 |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
866 g_return_val_if_fail(x509_ca_lazy_init(), NULL); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
867 g_return_val_if_fail(id, NULL); |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
868 |
19206
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
869 /* Search the memory-cached pool */ |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
870 el = x509_ca_locate_cert(x509_ca_certs, id); |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
871 |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
872 if (el != NULL) { |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
873 /* Make a copy of the memcached one for the function caller |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
874 to play with */ |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
875 crt = purple_certificate_copy(el->crt); |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
876 } else { |
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
877 crt = NULL; |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
878 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
879 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
880 return crt; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
881 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
882 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
883 static gboolean |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
884 x509_ca_put_cert(const gchar *id, PurpleCertificate *crt) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
885 { |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
886 gboolean ret = FALSE; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
887 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
888 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
889 |
19096
81163e153778
- Add a hacked-up method of adding certs to the CA pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19095
diff
changeset
|
890 /* TODO: This is a quick way of doing this. At some point the change |
81163e153778
- Add a hacked-up method of adding certs to the CA pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19095
diff
changeset
|
891 ought to be flushed to disk somehow. */ |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
892 ret = x509_ca_quiet_put_cert(crt); |
19096
81163e153778
- Add a hacked-up method of adding certs to the CA pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19095
diff
changeset
|
893 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
894 return ret; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
895 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
896 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
897 static gboolean |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
898 x509_ca_delete_cert(const gchar *id) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
899 { |
19208
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
900 x509_ca_element *el; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
901 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
902 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
903 g_return_val_if_fail(id, FALSE); |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
904 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
905 /* Is the id even in the pool? */ |
19208
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
906 el = x509_ca_locate_cert(x509_ca_certs, id); |
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
907 if ( el == NULL ) { |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
908 purple_debug_warning("certificate/x509/ca", |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
909 "Id %s wasn't in the pool\n", |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
910 id); |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
911 return FALSE; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
912 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
913 |
19208
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
914 /* Unlink it from the memory cache and destroy it */ |
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
915 x509_ca_certs = g_list_remove(x509_ca_certs, el); |
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
916 x509_ca_element_free(el); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
917 |
19208
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
918 return TRUE; |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
919 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
920 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
921 static GList * |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
922 x509_ca_get_idlist(void) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
923 { |
19209
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
924 GList *l, *idlist; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
925 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
926 g_return_val_if_fail(x509_ca_lazy_init(), NULL); |
19209
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
927 |
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
928 idlist = NULL; |
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
929 for (l = x509_ca_certs; l; l = l->next) { |
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
930 x509_ca_element *el = l->data; |
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
931 idlist = g_list_prepend(idlist, g_strdup(el->dn)); |
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
932 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
933 |
19209
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
934 return idlist; |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
935 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
936 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
937 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
938 static PurpleCertificatePool x509_ca = { |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
939 "x509", /* Scheme name */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
940 "ca", /* Pool name */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
941 N_("Certificate Authorities"),/* User-friendly name */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
942 NULL, /* Internal data */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
943 x509_ca_init, /* init */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
944 x509_ca_uninit, /* uninit */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
945 x509_ca_cert_in_pool, /* Certificate exists? */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
946 x509_ca_get_cert, /* Cert retriever */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
947 x509_ca_put_cert, /* Cert writer */ |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
948 x509_ca_delete_cert, /* Cert remover */ |
19648
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
949 x509_ca_get_idlist, /* idlist retriever */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
950 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
951 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
952 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
953 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
954 NULL |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
955 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
956 }; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
957 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
958 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
959 |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
960 /***** Cache of certificates given by TLS/SSL peers *****/ |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
961 static PurpleCertificatePool x509_tls_peers; |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
962 |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
963 static gboolean |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
964 x509_tls_peers_init(void) |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
965 { |
18985
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
966 gchar *poolpath; |
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
967 int ret; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
968 |
18985
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
969 /* Set up key cache here if it isn't already done */ |
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
970 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL); |
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
971 ret = purple_build_dir(poolpath, 0700); /* Make it this user only */ |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
972 |
27612
18a96fe78870
Don't fail an assertion and don't return FALSE if we can't create
Mark Doliner <mark@kingant.net>
parents:
27313
diff
changeset
|
973 if (ret != 0) |
18a96fe78870
Don't fail an assertion and don't return FALSE if we can't create
Mark Doliner <mark@kingant.net>
parents:
27313
diff
changeset
|
974 purple_debug_info("certificate/tls_peers", |
18a96fe78870
Don't fail an assertion and don't return FALSE if we can't create
Mark Doliner <mark@kingant.net>
parents:
27313
diff
changeset
|
975 "Could not create %s. Certificates will not be cached.\n", |
18a96fe78870
Don't fail an assertion and don't return FALSE if we can't create
Mark Doliner <mark@kingant.net>
parents:
27313
diff
changeset
|
976 poolpath); |
18a96fe78870
Don't fail an assertion and don't return FALSE if we can't create
Mark Doliner <mark@kingant.net>
parents:
27313
diff
changeset
|
977 |
18985
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
978 g_free(poolpath); |
806c610ac5a0
- Add init for x509_tls_peers pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18984
diff
changeset
|
979 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
980 return TRUE; |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
981 } |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
982 |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
983 static gboolean |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
984 x509_tls_peers_cert_in_pool(const gchar *id) |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
985 { |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
986 gchar *keypath; |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
987 gboolean ret = FALSE; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
988 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
989 g_return_val_if_fail(id, FALSE); |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
990 |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
991 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
992 |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
993 ret = g_file_test(keypath, G_FILE_TEST_IS_REGULAR); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
994 |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
995 g_free(keypath); |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
996 return ret; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
997 } |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
998 |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
999 static PurpleCertificate * |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1000 x509_tls_peers_get_cert(const gchar *id) |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1001 { |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1002 PurpleCertificateScheme *x509; |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1003 PurpleCertificate *crt; |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1004 gchar *keypath; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1005 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1006 g_return_val_if_fail(id, NULL); |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1007 |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1008 /* Is it in the pool? */ |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1009 if ( !x509_tls_peers_cert_in_pool(id) ) { |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1010 return NULL; |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1011 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1012 |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1013 /* Look up the X.509 scheme */ |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1014 x509 = purple_certificate_find_scheme("x509"); |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1015 g_return_val_if_fail(x509, NULL); |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1016 |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1017 /* Okay, now find and load that key */ |
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1018 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
18990
3f2944bdb404
- Finish tls_peers get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18989
diff
changeset
|
1019 crt = purple_certificate_import(x509, keypath); |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1020 |
18990
3f2944bdb404
- Finish tls_peers get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18989
diff
changeset
|
1021 g_free(keypath); |
18987
a763dd083b79
- Finished tls_peers cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18986
diff
changeset
|
1022 |
18990
3f2944bdb404
- Finish tls_peers get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18989
diff
changeset
|
1023 return crt; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1024 } |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1025 |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1026 static gboolean |
18982
8948cd6bb8bc
- CertificatePool put_cert now accepts an id argument
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18977
diff
changeset
|
1027 x509_tls_peers_put_cert(const gchar *id, PurpleCertificate *crt) |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1028 { |
18991
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1029 gboolean ret = FALSE; |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1030 gchar *keypath; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1031 |
18991
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1032 g_return_val_if_fail(crt, FALSE); |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1033 g_return_val_if_fail(crt->scheme, FALSE); |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1034 /* Make sure that this is some kind of X.509 certificate */ |
18992
605e69fa7108
- Comment change
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18991
diff
changeset
|
1035 /* TODO: Perhaps just check crt->scheme->name instead? */ |
18991
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1036 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_tls_peers.scheme_name), FALSE); |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1037 |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1038 /* Work out the filename and export */ |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1039 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1040 ret = purple_certificate_export(keypath, crt); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1041 |
18991
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1042 g_free(keypath); |
7a144f2229c6
- Add tls_peers put_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18990
diff
changeset
|
1043 return ret; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1044 } |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1045 |
19047
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1046 static gboolean |
19048
fd0b4b2f6cf0
- remove_cert => delete_cert, because naming conventions are our
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19047
diff
changeset
|
1047 x509_tls_peers_delete_cert(const gchar *id) |
19047
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1048 { |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1049 gboolean ret = FALSE; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1050 gchar *keypath; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1051 |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1052 g_return_val_if_fail(id, FALSE); |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1053 |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1054 /* Is the id even in the pool? */ |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1055 if (!x509_tls_peers_cert_in_pool(id)) { |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1056 purple_debug_warning("certificate/tls_peers", |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1057 "Id %s wasn't in the pool\n", |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1058 id); |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1059 return FALSE; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1060 } |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1061 |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1062 /* OK, so work out the keypath and delete the thing */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1063 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
19047
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1064 if ( unlink(keypath) != 0 ) { |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1065 purple_debug_error("certificate/tls_peers", |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1066 "Unlink of %s failed!\n", |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1067 keypath); |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1068 ret = FALSE; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1069 } else { |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1070 ret = TRUE; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1071 } |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1072 |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1073 g_free(keypath); |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1074 return ret; |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1075 } |
3af5d9ed9ad3
- Write remove_cert function for tls_peers Pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19046
diff
changeset
|
1076 |
19027
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1077 static GList * |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1078 x509_tls_peers_get_idlist(void) |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1079 { |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1080 GList *idlist = NULL; |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1081 GDir *dir; |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1082 const gchar *entry; |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1083 gchar *poolpath; |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1084 |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1085 /* Get a handle on the pool directory */ |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1086 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL); |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1087 dir = g_dir_open(poolpath, |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1088 0, /* No flags */ |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1089 NULL); /* Not interested in what the error is */ |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1090 g_free(poolpath); |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1091 |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1092 g_return_val_if_fail(dir, NULL); |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1093 |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1094 /* Traverse the directory listing and create an idlist */ |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1095 while ( (entry = g_dir_read_name(dir)) != NULL ) { |
19078
3987f76c0e4b
- tls_peers pool unescapes filenames in its directory, as it should
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19077
diff
changeset
|
1096 /* Unescape the filename */ |
3987f76c0e4b
- tls_peers pool unescapes filenames in its directory, as it should
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19077
diff
changeset
|
1097 const char *unescaped = purple_unescape_filename(entry); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1098 |
19027
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1099 /* Copy the entry name into our list (GLib owns the original |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1100 string) */ |
19078
3987f76c0e4b
- tls_peers pool unescapes filenames in its directory, as it should
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19077
diff
changeset
|
1101 idlist = g_list_prepend(idlist, g_strdup(unescaped)); |
19027
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1102 } |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1103 |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1104 /* Release the directory */ |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1105 g_dir_close(dir); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1106 |
19027
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1107 return idlist; |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1108 } |
15d9031e03b2
- Add get_idlist support to tls_peers CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19026
diff
changeset
|
1109 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1110 static PurpleCertificatePool x509_tls_peers = { |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1111 "x509", /* Scheme name */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1112 "tls_peers", /* Pool name */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1113 N_("SSL Peers Cache"), /* User-friendly name */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1114 NULL, /* Internal data */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1115 x509_tls_peers_init, /* init */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1116 NULL, /* uninit not required */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1117 x509_tls_peers_cert_in_pool, /* Certificate exists? */ |
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1118 x509_tls_peers_get_cert, /* Cert retriever */ |
19026
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
1119 x509_tls_peers_put_cert, /* Cert writer */ |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
1120 x509_tls_peers_delete_cert, /* Cert remover */ |
19648
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1121 x509_tls_peers_get_idlist, /* idlist retriever */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1122 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1123 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1124 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1125 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1126 NULL |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1127 }; |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1128 |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1129 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
1130 /***** A Verifier that uses the tls_peers cache and the CA pool to validate certificates *****/ |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1131 static PurpleCertificateVerifier x509_tls_cached; |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1132 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1133 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1134 /* The following is several hacks piled together and needs to be fixed. |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1135 * It exists because show_cert (see its comments) needs the original reason |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1136 * given to user_auth in order to rebuild the dialog. |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1137 */ |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1138 /* TODO: This will cause a ua_ctx to become memleaked if the request(s) get |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1139 closed by handle or otherwise abnormally. */ |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1140 typedef struct { |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1141 PurpleCertificateVerificationRequest *vrq; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1142 gchar *reason; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1143 } x509_tls_cached_ua_ctx; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1144 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1145 static x509_tls_cached_ua_ctx * |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1146 x509_tls_cached_ua_ctx_new(PurpleCertificateVerificationRequest *vrq, |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1147 const gchar *reason) |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1148 { |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1149 x509_tls_cached_ua_ctx *c; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1150 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1151 c = g_new0(x509_tls_cached_ua_ctx, 1); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1152 c->vrq = vrq; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1153 c->reason = g_strdup(reason); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1154 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1155 return c; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1156 } |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1157 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1158 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1159 static void |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1160 x509_tls_cached_ua_ctx_free(x509_tls_cached_ua_ctx *c) |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1161 { |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1162 g_return_if_fail(c); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1163 g_free(c->reason); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1164 g_free(c); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1165 } |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1166 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1167 static void |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1168 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq, |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1169 const gchar *reason); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1170 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1171 static void |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1172 x509_tls_cached_show_cert(x509_tls_cached_ua_ctx *c, gint id) |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1173 { |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1174 PurpleCertificate *disp_crt = c->vrq->cert_chain->data; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1175 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1176 /* Since clicking a button closes the request, show it again */ |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1177 x509_tls_cached_user_auth(c->vrq, c->reason); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1178 |
19564
4a1812e1ec35
When you have a certificate dialog and you click on "View Certificate",
Mark Doliner <mark@kingant.net>
parents:
19553
diff
changeset
|
1179 /* Show the certificate AFTER re-opening the dialog so that this |
4a1812e1ec35
When you have a certificate dialog and you click on "View Certificate",
Mark Doliner <mark@kingant.net>
parents:
19553
diff
changeset
|
1180 appears above the other */ |
4a1812e1ec35
When you have a certificate dialog and you click on "View Certificate",
Mark Doliner <mark@kingant.net>
parents:
19553
diff
changeset
|
1181 purple_certificate_display_x509(disp_crt); |
4a1812e1ec35
When you have a certificate dialog and you click on "View Certificate",
Mark Doliner <mark@kingant.net>
parents:
19553
diff
changeset
|
1182 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1183 x509_tls_cached_ua_ctx_free(c); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1184 } |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1185 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1186 static void |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1187 x509_tls_cached_user_auth_cb (x509_tls_cached_ua_ctx *c, gint id) |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1188 { |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1189 PurpleCertificateVerificationRequest *vrq; |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1190 PurpleCertificatePool *tls_peers; |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1191 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1192 g_return_if_fail(c); |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1193 g_return_if_fail(c->vrq); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1194 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1195 vrq = c->vrq; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1196 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1197 x509_tls_cached_ua_ctx_free(c); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1198 |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1199 tls_peers = purple_certificate_find_pool("x509","tls_peers"); |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1200 |
19331
920984752314
- Fix the interpretation of the "accept cert? yes/no" choice id given by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19330
diff
changeset
|
1201 if (2 == id) { |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1202 gchar *cache_id = vrq->subject_name; |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1203 purple_debug_info("certificate/x509/tls_cached", |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1204 "User ACCEPTED cert\nCaching first in chain for future use as %s...\n", |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1205 cache_id); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1206 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1207 purple_certificate_pool_store(tls_peers, cache_id, |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1208 vrq->cert_chain->data); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1209 |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1210 purple_certificate_verify_complete(vrq, |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1211 PURPLE_CERTIFICATE_VALID); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1212 } else { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
1213 purple_debug_warning("certificate/x509/tls_cached", |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1214 "User REJECTED cert\n"); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1215 purple_certificate_verify_complete(vrq, |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1216 PURPLE_CERTIFICATE_INVALID); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1217 } |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1218 } |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1219 |
19515
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1220 static void |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1221 x509_tls_cached_user_auth_accept_cb(x509_tls_cached_ua_ctx *c, gint ignore) |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1222 { |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1223 x509_tls_cached_user_auth_cb(c, 2); |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1224 } |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1225 |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1226 static void |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1227 x509_tls_cached_user_auth_reject_cb(x509_tls_cached_ua_ctx *c, gint ignore) |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1228 { |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1229 x509_tls_cached_user_auth_cb(c, 1); |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1230 } |
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1231 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1232 /** Validates a certificate by asking the user |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1233 * @param reason String to explain why the user needs to accept/refuse the |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1234 * certificate. |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1235 * @todo Needs a handle argument |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1236 */ |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1237 static void |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1238 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq, |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1239 const gchar *reason) |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1240 { |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1241 gchar *primary; |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1242 |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1243 /* Make messages */ |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1244 primary = g_strdup_printf(_("Accept certificate for %s?"), |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1245 vrq->subject_name); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1246 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1247 /* Make a semi-pretty display */ |
21099
51cf02dbdb0e
disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479'
Richard Laager <rlaager@wiktel.com>
parents:
21095
diff
changeset
|
1248 purple_request_action( |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1249 vrq->cb_data, /* TODO: Find what the handle ought to be */ |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1250 _("SSL Certificate Verification"), |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1251 primary, |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1252 reason, |
22142
1f3f2d2c9a2b
A few more "purple_request_action" default action corrections
Mark Doliner <mark@kingant.net>
parents:
21929
diff
changeset
|
1253 0, /* Accept by default */ |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1254 NULL, /* No account */ |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1255 NULL, /* No other user */ |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1256 NULL, /* No associated conversation */ |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1257 x509_tls_cached_ua_ctx_new(vrq, reason), |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1258 3, /* Number of actions */ |
19534
126c5235627b
- Change wording on certificate accept/reject dialog
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19517
diff
changeset
|
1259 _("Accept"), x509_tls_cached_user_auth_accept_cb, |
126c5235627b
- Change wording on certificate accept/reject dialog
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19517
diff
changeset
|
1260 _("Reject"), x509_tls_cached_user_auth_reject_cb, |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1261 _("_View Certificate..."), x509_tls_cached_show_cert); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1262 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1263 /* Cleanup */ |
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1264 g_free(primary); |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1265 } |
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1266 |
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1267 static void |
21929
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1268 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq); |
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1269 |
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1270 static void |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1271 x509_tls_cached_cert_in_cache(PurpleCertificateVerificationRequest *vrq) |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1272 { |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1273 /* TODO: Looking this up by name over and over is expensive. |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1274 Fix, please! */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1275 PurpleCertificatePool *tls_peers = |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1276 purple_certificate_find_pool(x509_tls_cached.scheme_name, |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1277 "tls_peers"); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1278 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1279 /* The peer's certificate should be the first in the list */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1280 PurpleCertificate *peer_crt = |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1281 (PurpleCertificate *) vrq->cert_chain->data; |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1282 |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1283 PurpleCertificate *cached_crt; |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1284 GByteArray *peer_fpr, *cached_fpr; |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1285 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1286 /* Load up the cached certificate */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1287 cached_crt = purple_certificate_pool_retrieve( |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1288 tls_peers, vrq->subject_name); |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1289 if ( !cached_crt ) { |
27643
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27612
diff
changeset
|
1290 purple_debug_warning("certificate/x509/tls_cached", |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1291 "Lookup failed on cached certificate!\n" |
27643
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27612
diff
changeset
|
1292 "Falling back to full verification.\n"); |
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27612
diff
changeset
|
1293 /* vrq now becomes the problem of unknown_peer */ |
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27612
diff
changeset
|
1294 x509_tls_cached_unknown_peer(vrq); |
24805
7608cf033a88
Prevent a NULL ptr deref when unexpected stuff happens in the cert cache. Fixes #7776,#7769
Daniel Atallah <daniel.atallah@gmail.com>
parents:
24683
diff
changeset
|
1295 return; |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1296 } |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1297 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1298 /* Now get SHA1 sums for both and compare them */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1299 /* TODO: This is not an elegant way to compare certs */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1300 peer_fpr = purple_certificate_get_fingerprint_sha1(peer_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1301 cached_fpr = purple_certificate_get_fingerprint_sha1(cached_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1302 if (!memcmp(peer_fpr->data, cached_fpr->data, peer_fpr->len)) { |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1303 purple_debug_info("certificate/x509/tls_cached", |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1304 "Peer cert matched cached\n"); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1305 /* vrq is now finished */ |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1306 purple_certificate_verify_complete(vrq, |
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1307 PURPLE_CERTIFICATE_VALID); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1308 } else { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
1309 purple_debug_error("certificate/x509/tls_cached", |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1310 "Peer cert did NOT match cached\n"); |
21929
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1311 /* vrq now becomes the problem of the user */ |
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1312 x509_tls_cached_unknown_peer(vrq); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1313 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1314 |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1315 purple_certificate_destroy(cached_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1316 g_byte_array_free(peer_fpr, TRUE); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1317 g_byte_array_free(cached_fpr, TRUE); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1318 } |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1319 |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1320 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1321 * This is called from two points in x509_tls_cached_unknown_peer below |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1322 * once we've verified the signature chain is valid. Now we need to verify |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1323 * the subject name of the certificate. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1324 */ |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1325 static void |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1326 x509_tls_cached_check_subject_name(PurpleCertificateVerificationRequest *vrq, |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1327 gboolean had_ca_pool) |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1328 { |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1329 PurpleCertificatePool *tls_peers; |
27999
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27997
diff
changeset
|
1330 PurpleCertificate *peer_crt; |
19089
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1331 GList *chain = vrq->cert_chain; |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1332 |
19090
5310b1294287
- Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19089
diff
changeset
|
1333 peer_crt = (PurpleCertificate *) chain->data; |
5310b1294287
- Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19089
diff
changeset
|
1334 |
21927
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1335 /* Last, check that the hostname matches */ |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1336 if ( ! purple_certificate_check_subject_name(peer_crt, |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1337 vrq->subject_name) ) { |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1338 gchar *sn = purple_certificate_get_subject_name(peer_crt); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1339 |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
1340 purple_debug_error("certificate/x509/tls_cached", |
21927
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1341 "Name mismatch: Certificate given for %s " |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1342 "has a name of %s\n", |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1343 vrq->subject_name, sn); |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1344 |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1345 if (had_ca_pool) { |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1346 /* Prompt the user to authenticate the certificate */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1347 /* TODO: Provide the user with more guidance about why he is |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1348 being prompted */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1349 /* vrq will be completed by user_auth */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1350 gchar *msg; |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1351 msg = g_strdup_printf(_("The certificate presented by \"%s\" " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1352 "claims to be from \"%s\" instead. " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1353 "This could mean that you are not " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1354 "connecting to the service you " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1355 "believe you are."), |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1356 vrq->subject_name, sn); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1357 |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1358 x509_tls_cached_user_auth(vrq, msg); |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1359 g_free(msg); |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1360 } else { |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1361 /* Had no CA pool, so couldn't verify the chain *and* |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1362 * the subject name isn't valid. |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1363 * I think this is bad enough to warrant a fatal error. It's |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1364 * not likely anyway... |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1365 */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1366 purple_notify_error(NULL, /* TODO: Probably wrong. */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1367 _("SSL Certificate Error"), |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1368 _("Invalid certificate chain"), |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1369 _("You have no database of root certificates, so " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1370 "this certificate cannot be validated.")); |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1371 } |
21927
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1372 |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1373 g_free(sn); |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1374 return; |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1375 } /* if (name mismatch) */ |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1376 |
28129
c72d171565c4
cert: Fix a reversed check. Oops.
Paul Aurich <paul@darkrain42.org>
parents:
28101
diff
changeset
|
1377 if (!had_ca_pool) { |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1378 /* The subject name is correct, but we weren't able to verify the |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1379 * chain because there was no pool of root CAs found. Prompt the user |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1380 * to validate it. |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1381 */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1382 |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1383 /* vrq will be completed by user_auth */ |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1384 x509_tls_cached_user_auth(vrq,_("You have no database of root " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1385 "certificates, so this " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1386 "certificate cannot be " |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1387 "validated.")); |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1388 return; |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1389 } |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1390 |
19089
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1391 /* If we reach this point, the certificate is good. */ |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1392 /* Look up the local cache and store it there for future use */ |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1393 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name, |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1394 "tls_peers"); |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1395 |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1396 if (tls_peers) { |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1397 if (!purple_certificate_pool_store(tls_peers,vrq->subject_name, |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1398 peer_crt) ) { |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1399 purple_debug_error("certificate/x509/tls_cached", |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1400 "FAILED to cache peer certificate\n"); |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1401 } |
19089
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1402 } else { |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1403 purple_debug_error("certificate/x509/tls_cached", |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1404 "Unable to locate tls_peers certificate " |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1405 "cache.\n"); |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1406 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1407 |
19089
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1408 /* Whew! Done! */ |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1409 purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_VALID); |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1410 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1411 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1412 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1413 /* For when we've never communicated with this party before */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1414 /* TODO: Need ways to specify possibly multiple problems with a cert, or at |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1415 least reprioritize them. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1416 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1417 static void |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1418 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq) |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1419 { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1420 PurpleCertificatePool *ca; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1421 PurpleCertificate *peer_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1422 PurpleCertificate *ca_crt, *end_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1423 PurpleCertificate *failing_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1424 GList *chain = vrq->cert_chain; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1425 GByteArray *last_fpr, *ca_fpr; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1426 gchar *ca_id; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1427 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1428 peer_crt = (PurpleCertificate *) chain->data; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1429 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1430 /* TODO: Figure out a way to check for a bad signature, as opposed to |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1431 "not self-signed" */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1432 if ( purple_certificate_signed_by(peer_crt, peer_crt) ) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1433 gchar *msg; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1434 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1435 purple_debug_info("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1436 "Certificate for %s is self-signed.\n", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1437 vrq->subject_name); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1438 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1439 /* Prompt the user to authenticate the certificate */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1440 /* vrq will be completed by user_auth */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1441 msg = g_strdup_printf(_("The certificate presented by \"%s\" " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1442 "is self-signed. It cannot be " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1443 "automatically checked."), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1444 vrq->subject_name); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1445 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1446 x509_tls_cached_user_auth(vrq,msg); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1447 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1448 g_free(msg); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1449 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1450 } /* if (self signed) */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1451 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1452 /* Next, attempt to verify the last certificate against a CA */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1453 ca = purple_certificate_find_pool(x509_tls_cached.scheme_name, "ca"); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1454 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1455 /* Next, check that the certificate chain is valid */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1456 if (!purple_certificate_check_signature_chain_with_failing(chain, |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1457 &failing_crt)) |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1458 { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1459 gboolean chain_validated = FALSE; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1460 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1461 * Check if the failing certificate is in the CA store. If it is, then |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1462 * consider this fully validated. This works around issues with some |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1463 * prominent intermediate CAs whose signature is md5WithRSAEncryption. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1464 * I'm looking at CACert Class 3 here. See #4458 for details. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1465 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1466 if (ca) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1467 gchar *uid = purple_certificate_get_unique_id(failing_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1468 PurpleCertificate *ca_crt = purple_certificate_pool_retrieve(ca, uid); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1469 if (ca_crt != NULL) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1470 GByteArray *failing_fpr; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1471 GByteArray *ca_fpr; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1472 failing_fpr = purple_certificate_get_fingerprint_sha1(failing_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1473 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1474 if (byte_arrays_equal(failing_fpr, ca_fpr)) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1475 purple_debug_info("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1476 "Full chain verification failed (probably a bad " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1477 "signature algorithm), but found the last " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1478 "certificate %s in the CA pool.\n", uid); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1479 chain_validated = TRUE; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1480 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1481 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1482 g_byte_array_free(failing_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1483 g_byte_array_free(ca_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1484 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1485 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1486 purple_certificate_destroy(ca_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1487 g_free(uid); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1488 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1489 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1490 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1491 * If we get here, either the cert matched the stuff right above |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1492 * or it didn't, in which case we give up and complain to the user. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1493 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1494 if (chain_validated) { |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1495 x509_tls_cached_check_subject_name(vrq, TRUE); |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1496 } else { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1497 /* TODO: Tell the user where the chain broke? */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1498 /* TODO: This error will hopelessly confuse any |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1499 non-elite user. */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1500 gchar *secondary; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1501 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1502 secondary = g_strdup_printf(_("The certificate chain presented" |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1503 " for %s is not valid."), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1504 vrq->subject_name); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1505 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1506 /* TODO: Make this error either block the ensuing SSL |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1507 connection error until the user dismisses this one, or |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1508 stifle it. */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1509 purple_notify_error(NULL, /* TODO: Probably wrong. */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1510 _("SSL Certificate Error"), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1511 _("Invalid certificate chain"), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1512 secondary ); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1513 g_free(secondary); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1514 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1515 /* Okay, we're done here */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1516 purple_certificate_verify_complete(vrq, |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1517 PURPLE_CERTIFICATE_INVALID); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1518 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1519 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1520 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1521 } /* if (signature chain not good) */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1522 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1523 /* If, for whatever reason, there is no Certificate Authority pool |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1524 loaded, we'll verify the subject name and then warn about thsi. */ |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1525 if ( !ca ) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1526 purple_debug_error("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1527 "No X.509 Certificate Authority pool " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1528 "could be found!\n"); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1529 |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1530 x509_tls_cached_check_subject_name(vrq, FALSE); |
28070
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1531 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1532 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1533 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1534 end_crt = g_list_last(chain)->data; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1535 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1536 /* Attempt to look up the last certificate's issuer */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1537 ca_id = purple_certificate_get_issuer_unique_id(end_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1538 purple_debug_info("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1539 "Checking for a CA with DN=%s\n", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1540 ca_id); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1541 ca_crt = purple_certificate_pool_retrieve(ca, ca_id); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1542 if ( NULL == ca_crt ) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1543 purple_debug_warning("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1544 "Certificate Authority with DN='%s' not " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1545 "found. I'll prompt the user, I guess.\n", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1546 ca_id); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1547 g_free(ca_id); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1548 /* vrq will be completed by user_auth */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1549 x509_tls_cached_user_auth(vrq,_("The root certificate this " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1550 "one claims to be issued by " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1551 "is unknown to Pidgin.")); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1552 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1553 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1554 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1555 g_free(ca_id); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1556 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1557 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1558 * Check the fingerprints; if they match, then this certificate *is* one |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1559 * of the designated "trusted roots", and we don't need to verify the |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1560 * signature. This is good because some of the older roots are self-signed |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1561 * with bad hash algorithms that we don't want to allow in any other |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1562 * circumstances (one of Verisign's root CAs is self-signed with MD2). |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1563 * |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1564 * If the fingerprints don't match, we'll fall back to checking the |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1565 * signature. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1566 * |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1567 * GnuTLS doesn't seem to include the final root in the verification |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1568 * list, so this check will never succeed. NSS *does* include it in |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1569 * the list, so here we are. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1570 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1571 last_fpr = purple_certificate_get_fingerprint_sha1(end_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1572 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1573 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1574 if ( !byte_arrays_equal(last_fpr, ca_fpr) && |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1575 !purple_certificate_signed_by(end_crt, ca_crt) ) |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1576 { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1577 /* TODO: If signed_by ever returns a reason, maybe mention |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1578 that, too. */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1579 /* TODO: Also mention the CA involved. While I could do this |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1580 now, a full DN is a little much with which to assault the |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1581 user's poor, leaky eyes. */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1582 /* TODO: This error message makes my eyes cross, and I wrote it */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1583 gchar * secondary = |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1584 g_strdup_printf(_("The certificate chain presented by " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1585 "%s does not have a valid digital " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1586 "signature from the Certificate " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1587 "Authority from which it claims to " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1588 "have a signature."), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1589 vrq->subject_name); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1590 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1591 purple_notify_error(NULL, /* TODO: Probably wrong */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1592 _("SSL Certificate Error"), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1593 _("Invalid certificate authority" |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1594 " signature"), |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1595 secondary); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1596 g_free(secondary); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1597 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1598 /* Signal "bad cert" */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1599 purple_certificate_verify_complete(vrq, |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1600 PURPLE_CERTIFICATE_INVALID); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1601 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1602 purple_certificate_destroy(ca_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1603 g_byte_array_free(ca_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1604 g_byte_array_free(last_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1605 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1606 } /* if (CA signature not good) */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1607 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1608 g_byte_array_free(ca_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1609 g_byte_array_free(last_fpr, TRUE); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27999
diff
changeset
|
1610 |
28100
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
28070
diff
changeset
|
1611 x509_tls_cached_check_subject_name(vrq, TRUE); |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1612 } |
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1613 |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1614 static void |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1615 x509_tls_cached_start_verify(PurpleCertificateVerificationRequest *vrq) |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1616 { |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1617 const gchar *tls_peers_name = "tls_peers"; /* Name of local cache */ |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1618 PurpleCertificatePool *tls_peers; |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1619 time_t now, activation, expiration; |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1620 gboolean ret; |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1621 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1622 g_return_if_fail(vrq); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1623 |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1624 purple_debug_info("certificate/x509/tls_cached", |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1625 "Starting verify for %s\n", |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1626 vrq->subject_name); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1627 |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1628 /* |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1629 * Verify the first certificate (the main one) has been activated and |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1630 * isn't expired, i.e. activation < now < expiration. |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1631 */ |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1632 now = time(NULL); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1633 ret = purple_certificate_get_times(vrq->cert_chain->data, &activation, |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1634 &expiration); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1635 if (!ret || now > expiration || now < activation) { |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1636 gchar *secondary; |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1637 |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1638 if (!ret) { |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1639 purple_debug_error("certificate/x509/tls_cached", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1640 "Failed to get validity times for certificate %s\n", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1641 vrq->subject_name); |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1642 secondary = g_strdup_printf(_("Failed to validate expiration time " |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1643 "for %s"), vrq->subject_name); |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1644 } else if (now > expiration) { |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1645 purple_debug_error("certificate/x509/tls_cached", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1646 "Certificate %s expired at %s\n", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1647 vrq->subject_name, ctime(&expiration)); |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1648 secondary = g_strdup_printf(_("The certificate for %s is expired."), |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1649 vrq->subject_name); |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1650 } else { |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1651 purple_debug_error("certificate/x509/tls_cached", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1652 "Certificate %s is not yet valid, will be at %s\n", |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1653 vrq->subject_name, ctime(&activation)); |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1654 secondary = g_strdup_printf(_("The certificate for %s should not " |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1655 "yet be in use."), vrq->subject_name); |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1656 } |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1657 |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1658 purple_notify_error(NULL, /* TODO: Probably wrong. */ |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1659 _("SSL Certificate Error"), |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1660 _("Invalid certificate chain"), |
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1661 secondary ); |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1662 g_free(secondary); |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1663 |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1664 /* Okay, we're done here */ |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1665 purple_certificate_verify_complete(vrq, |
28320
6dd97a284d65
Better errors for certificate expiration/activation checking.
Paul Aurich <paul@darkrain42.org>
parents:
27992
diff
changeset
|
1666 PURPLE_CERTIFICATE_INVALID); |
27992
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1667 return; |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1668 } |
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27643
diff
changeset
|
1669 |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1670 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,tls_peers_name); |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1671 |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1672 if (!tls_peers) { |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1673 purple_debug_error("certificate/x509/tls_cached", |
23917
11f98b1e605b
remove misleading portion of the debug line
Ka-Hing Cheung <khc@hxbc.us>
parents:
23743
diff
changeset
|
1674 "Couldn't find local peers cache %s\n", |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1675 tls_peers_name); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1676 |
20247
e6315ec87124
applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f
Richard Laager <rlaager@wiktel.com>
parents:
19687
diff
changeset
|
1677 |
e6315ec87124
applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f
Richard Laager <rlaager@wiktel.com>
parents:
19687
diff
changeset
|
1678 /* vrq now becomes the problem of unknown_peer */ |
e6315ec87124
applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f
Richard Laager <rlaager@wiktel.com>
parents:
19687
diff
changeset
|
1679 x509_tls_cached_unknown_peer(vrq); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1680 return; |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1681 } |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1682 |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1683 /* Check if the peer has a certificate cached already */ |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1684 purple_debug_info("certificate/x509/tls_cached", |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1685 "Checking for cached cert...\n"); |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1686 if (purple_certificate_pool_contains(tls_peers, vrq->subject_name)) { |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1687 purple_debug_info("certificate/x509/tls_cached", |
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1688 "...Found cached cert\n"); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1689 /* vrq is now the responsibility of cert_in_cache */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1690 x509_tls_cached_cert_in_cache(vrq); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1691 } else { |
27313
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25432
diff
changeset
|
1692 purple_debug_warning("certificate/x509/tls_cached", |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1693 "...Not in cache\n"); |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1694 /* vrq now becomes the problem of unknown_peer */ |
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1695 x509_tls_cached_unknown_peer(vrq); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1696 } |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1697 } |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1698 |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1699 static void |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1700 x509_tls_cached_destroy_request(PurpleCertificateVerificationRequest *vrq) |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1701 { |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1702 g_return_if_fail(vrq); |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1703 } |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1704 |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1705 static PurpleCertificateVerifier x509_tls_cached = { |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1706 "x509", /* Scheme name */ |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1707 "tls_cached", /* Verifier name */ |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1708 x509_tls_cached_start_verify, /* Verification begin */ |
19648
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1709 x509_tls_cached_destroy_request,/* Request cleanup */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1710 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1711 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1712 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1713 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1714 NULL |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1715 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1716 }; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1717 |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1718 /****************************************************************************/ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1719 /* Subsystem */ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1720 /****************************************************************************/ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1721 void |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1722 purple_certificate_init(void) |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1723 { |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1724 /* Register builtins */ |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
1725 purple_certificate_register_verifier(&x509_singleuse); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
1726 purple_certificate_register_pool(&x509_ca); |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1727 purple_certificate_register_pool(&x509_tls_peers); |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1728 purple_certificate_register_verifier(&x509_tls_cached); |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1729 } |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
1730 |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1731 void |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1732 purple_certificate_uninit(void) |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1733 { |
19024
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1734 /* Unregister all Verifiers */ |
24999
fc8fd4fef166
Fix a crash on exit with a patch from im.pidgin.next.minor.
Elliott Sales de Andrade <qulogic@pidgin.im>
parents:
24805
diff
changeset
|
1735 g_list_foreach(cert_verifiers, (GFunc)purple_certificate_unregister_verifier, NULL); |
19024
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1736 |
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1737 /* Unregister all Pools */ |
24999
fc8fd4fef166
Fix a crash on exit with a patch from im.pidgin.next.minor.
Elliott Sales de Andrade <qulogic@pidgin.im>
parents:
24805
diff
changeset
|
1738 g_list_foreach(cert_pools, (GFunc)purple_certificate_unregister_pool, NULL); |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1739 } |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1740 |
19022
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1741 gpointer |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1742 purple_certificate_get_handle(void) |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1743 { |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1744 static gint handle; |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1745 return &handle; |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1746 } |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1747 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1748 PurpleCertificateScheme * |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1749 purple_certificate_find_scheme(const gchar *name) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1750 { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1751 PurpleCertificateScheme *scheme = NULL; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1752 GList *l; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1753 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1754 g_return_val_if_fail(name, NULL); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1755 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1756 /* Traverse the list of registered schemes and locate the |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1757 one whose name matches */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1758 for(l = cert_schemes; l; l = l->next) { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1759 scheme = (PurpleCertificateScheme *)(l->data); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1760 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1761 /* Name matches? that's our man */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1762 if(!g_ascii_strcasecmp(scheme->name, name)) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1763 return scheme; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1764 } |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1765 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1766 purple_debug_warning("certificate", |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1767 "CertificateScheme %s requested but not found.\n", |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1768 name); |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1769 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1770 /* TODO: Signalling and such? */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1771 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1772 return NULL; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1773 } |
17638
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1774 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1775 GList * |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1776 purple_certificate_get_schemes(void) |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1777 { |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1778 return cert_schemes; |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1779 } |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1780 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1781 gboolean |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1782 purple_certificate_register_scheme(PurpleCertificateScheme *scheme) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1783 { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1784 g_return_val_if_fail(scheme != NULL, FALSE); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1785 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1786 /* Make sure no scheme is registered with the same name */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1787 if (purple_certificate_find_scheme(scheme->name) != NULL) { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1788 return FALSE; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1789 } |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1790 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1791 /* Okay, we're golden. Register it. */ |
18972
486563a6bb5c
- prepend > append
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18971
diff
changeset
|
1792 cert_schemes = g_list_prepend(cert_schemes, scheme); |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1793 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1794 /* TODO: Signalling and such? */ |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1795 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1796 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1797 "CertificateScheme %s registered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1798 scheme->name); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1799 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1800 return TRUE; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17641
diff
changeset
|
1801 } |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1802 |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1803 gboolean |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1804 purple_certificate_unregister_scheme(PurpleCertificateScheme *scheme) |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1805 { |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1806 if (NULL == scheme) { |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1807 purple_debug_warning("certificate", |
18973
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1808 "Attempting to unregister NULL scheme\n"); |
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1809 return FALSE; |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1810 } |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1811 |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1812 /* TODO: signalling? */ |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1813 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1814 /* TODO: unregister all CertificateVerifiers for this scheme?*/ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1815 /* TODO: unregister all CertificatePools for this scheme? */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1816 /* Neither of the above should be necessary, though */ |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1817 cert_schemes = g_list_remove(cert_schemes, scheme); |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1818 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1819 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1820 "CertificateScheme %s unregistered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1821 scheme->name); |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1822 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1823 |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1824 return TRUE; |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1825 } |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1826 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1827 PurpleCertificateVerifier * |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1828 purple_certificate_find_verifier(const gchar *scheme_name, const gchar *ver_name) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1829 { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1830 PurpleCertificateVerifier *vr = NULL; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1831 GList *l; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1832 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1833 g_return_val_if_fail(scheme_name, NULL); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1834 g_return_val_if_fail(ver_name, NULL); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1835 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1836 /* Traverse the list of registered verifiers and locate the |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1837 one whose name matches */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1838 for(l = cert_verifiers; l; l = l->next) { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1839 vr = (PurpleCertificateVerifier *)(l->data); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1840 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1841 /* Scheme and name match? */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1842 if(!g_ascii_strcasecmp(vr->scheme_name, scheme_name) && |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1843 !g_ascii_strcasecmp(vr->name, ver_name)) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1844 return vr; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1845 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1846 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1847 purple_debug_warning("certificate", |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1848 "CertificateVerifier %s, %s requested but not found.\n", |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1849 scheme_name, ver_name); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1850 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1851 /* TODO: Signalling and such? */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1852 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1853 return NULL; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1854 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1855 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1856 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1857 GList * |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1858 purple_certificate_get_verifiers(void) |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1859 { |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1860 return cert_verifiers; |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1861 } |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1862 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1863 gboolean |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1864 purple_certificate_register_verifier(PurpleCertificateVerifier *vr) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1865 { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1866 g_return_val_if_fail(vr != NULL, FALSE); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1867 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1868 /* Make sure no verifier is registered with the same scheme/name */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1869 if (purple_certificate_find_verifier(vr->scheme_name, vr->name) != NULL) { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1870 return FALSE; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1871 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1872 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1873 /* Okay, we're golden. Register it. */ |
18972
486563a6bb5c
- prepend > append
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18971
diff
changeset
|
1874 cert_verifiers = g_list_prepend(cert_verifiers, vr); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1875 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1876 /* TODO: Signalling and such? */ |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1877 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1878 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1879 "CertificateVerifier %s registered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1880 vr->name); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1881 return TRUE; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1882 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1883 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1884 gboolean |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1885 purple_certificate_unregister_verifier(PurpleCertificateVerifier *vr) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1886 { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1887 if (NULL == vr) { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1888 purple_debug_warning("certificate", |
18973
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1889 "Attempting to unregister NULL verifier\n"); |
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1890 return FALSE; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1891 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1892 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1893 /* TODO: signalling? */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1894 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1895 cert_verifiers = g_list_remove(cert_verifiers, vr); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1896 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1897 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1898 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1899 "CertificateVerifier %s unregistered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1900 vr->name); |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1901 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1902 return TRUE; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1903 } |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1904 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1905 PurpleCertificatePool * |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1906 purple_certificate_find_pool(const gchar *scheme_name, const gchar *pool_name) |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1907 { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1908 PurpleCertificatePool *pool = NULL; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1909 GList *l; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1910 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1911 g_return_val_if_fail(scheme_name, NULL); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1912 g_return_val_if_fail(pool_name, NULL); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1913 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1914 /* Traverse the list of registered pools and locate the |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1915 one whose name matches */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1916 for(l = cert_pools; l; l = l->next) { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1917 pool = (PurpleCertificatePool *)(l->data); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1918 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1919 /* Scheme and name match? */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1920 if(!g_ascii_strcasecmp(pool->scheme_name, scheme_name) && |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1921 !g_ascii_strcasecmp(pool->name, pool_name)) |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1922 return pool; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1923 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1924 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1925 purple_debug_warning("certificate", |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1926 "CertificatePool %s, %s requested but not found.\n", |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1927 scheme_name, pool_name); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1928 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1929 /* TODO: Signalling and such? */ |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
1930 |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1931 return NULL; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1932 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1933 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1934 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1935 GList * |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1936 purple_certificate_get_pools(void) |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1937 { |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1938 return cert_pools; |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1939 } |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1940 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1941 gboolean |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1942 purple_certificate_register_pool(PurpleCertificatePool *pool) |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1943 { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1944 g_return_val_if_fail(pool, FALSE); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1945 g_return_val_if_fail(pool->scheme_name, FALSE); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1946 g_return_val_if_fail(pool->name, FALSE); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1947 g_return_val_if_fail(pool->fullname, FALSE); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1948 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1949 /* Make sure no pools are registered under this name */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1950 if (purple_certificate_find_pool(pool->scheme_name, pool->name)) { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1951 return FALSE; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1952 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1953 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1954 /* Initialize the pool if needed */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1955 if (pool->init) { |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1956 gboolean success; |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1957 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1958 success = pool->init(); |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1959 if (!success) |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1960 return FALSE; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1961 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1962 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1963 /* Register the Pool */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1964 cert_pools = g_list_prepend(cert_pools, pool); |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1965 |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1966 /* TODO: Emit a signal that the pool got registered */ |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
1967 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1968 PURPLE_DBUS_REGISTER_POINTER(pool, PurpleCertificatePool); |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1969 purple_signal_register(pool, /* Signals emitted from pool */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1970 "certificate-stored", |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1971 purple_marshal_VOID__POINTER_POINTER, |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1972 NULL, /* No callback return value */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1973 2, /* Two non-data arguments */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1974 purple_value_new(PURPLE_TYPE_SUBTYPE, |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1975 PURPLE_SUBTYPE_CERTIFICATEPOOL), |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1976 purple_value_new(PURPLE_TYPE_STRING)); |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
1977 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1978 purple_signal_register(pool, /* Signals emitted from pool */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1979 "certificate-deleted", |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1980 purple_marshal_VOID__POINTER_POINTER, |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1981 NULL, /* No callback return value */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1982 2, /* Two non-data arguments */ |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1983 purple_value_new(PURPLE_TYPE_SUBTYPE, |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1984 PURPLE_SUBTYPE_CERTIFICATEPOOL), |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1985 purple_value_new(PURPLE_TYPE_STRING)); |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1986 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1987 purple_debug_info("certificate", |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1988 "CertificatePool %s registered\n", |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1989 pool->name); |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1990 |
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents:
21561
diff
changeset
|
1991 return TRUE; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1992 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1993 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1994 gboolean |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1995 purple_certificate_unregister_pool(PurpleCertificatePool *pool) |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1996 { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1997 if (NULL == pool) { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1998 purple_debug_warning("certificate", |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
1999 "Attempting to unregister NULL pool\n"); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2000 return FALSE; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2001 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2002 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2003 /* Check that the pool is registered */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2004 if (!g_list_find(cert_pools, pool)) { |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2005 purple_debug_warning("certificate", |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2006 "Pool to unregister isn't registered!\n"); |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2007 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2008 return FALSE; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2009 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2010 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2011 /* Uninit the pool if needed */ |
19517
7bea9c9fd2a5
(Un)Register the pools with DBus to avoid a runtime fit.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19515
diff
changeset
|
2012 PURPLE_DBUS_UNREGISTER_POINTER(pool); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2013 if (pool->uninit) { |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
2014 pool->uninit(); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2015 } |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2016 |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2017 cert_pools = g_list_remove(cert_pools, pool); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
2018 |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2019 /* TODO: Signalling? */ |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
2020 purple_signal_unregister(pool, "certificate-stored"); |
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
2021 purple_signal_unregister(pool, "certificate-deleted"); |
25415
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25385
diff
changeset
|
2022 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2023 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2024 "CertificatePool %s unregistered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2025 pool->name); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2026 return TRUE; |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
2027 } |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2028 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2029 /****************************************************************************/ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2030 /* Scheme-specific functions */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2031 /****************************************************************************/ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2032 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2033 void |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2034 purple_certificate_display_x509(PurpleCertificate *crt) |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2035 { |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2036 gchar *sha_asc; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2037 GByteArray *sha_bin; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2038 gchar *cn; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2039 time_t activation, expiration; |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2040 gchar *activ_str, *expir_str; |
19332
6e0521bb0853
- Fix some g_free()s of string constants that caused crashing
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19331
diff
changeset
|
2041 gchar *secondary; |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2042 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2043 /* Pull out the SHA1 checksum */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2044 sha_bin = purple_certificate_get_fingerprint_sha1(crt); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2045 /* Now decode it for display */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2046 sha_asc = purple_base16_encode_chunked(sha_bin->data, |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2047 sha_bin->len); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2048 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2049 /* Get the cert Common Name */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2050 /* TODO: Will break on CA certs */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2051 cn = purple_certificate_get_subject_name(crt); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2052 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2053 /* Get the certificate times */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2054 /* TODO: Check the times against localtime */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2055 /* TODO: errorcheck? */ |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2056 if (!purple_certificate_get_times(crt, &activation, &expiration)) { |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2057 purple_debug_error("certificate", |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2058 "Failed to get certificate times!\n"); |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2059 activation = expiration = 0; |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2060 } |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2061 activ_str = g_strdup(ctime(&activation)); |
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2062 expir_str = g_strdup(ctime(&expiration)); |
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2063 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2064 /* Make messages */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2065 secondary = g_strdup_printf(_("Common name: %s\n\n" |
24212
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2066 "Fingerprint (SHA1): %s\n\n" |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2067 "Activation date: %s\n" |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2068 "Expiration date: %s\n"), |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2069 cn ? cn : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2070 sha_asc ? sha_asc : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2071 activ_str ? activ_str : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23917
diff
changeset
|
2072 expir_str ? expir_str : "(null)"); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2073 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2074 /* Make a semi-pretty display */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2075 purple_notify_info( |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2076 NULL, /* TODO: Find what the handle ought to be */ |
19332
6e0521bb0853
- Fix some g_free()s of string constants that caused crashing
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19331
diff
changeset
|
2077 _("Certificate Information"), |
6e0521bb0853
- Fix some g_free()s of string constants that caused crashing
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19331
diff
changeset
|
2078 "", |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2079 secondary); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2080 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2081 /* Cleanup */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2082 g_free(cn); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2083 g_free(secondary); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2084 g_free(sha_asc); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2085 g_free(activ_str); |
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2086 g_free(expir_str); |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2087 g_byte_array_free(sha_bin, TRUE); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2088 } |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2089 |
21647
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2090 void purple_certificate_add_ca_search_path(const char *path) |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2091 { |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2092 if (g_list_find_custom(x509_ca_paths, path, (GCompareFunc)strcmp)) |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2093 return; |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2094 x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(path)); |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2095 } |
a57adf1de9cb
Patch from Florian Quze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2096 |