Mercurial > pidgin.yaz
comparison libpurple/certificate.c @ 20746:27f85efa6505
- Use certificate_pool_retrieve instead of certificate_pool_contains and
then retrieve in tls_peers. This makes it something like atomic and
eliminates about 10 lines of code in the process
author | William Ehlhardt <williamehlhardt@gmail.com> |
---|---|
date | Tue, 02 Oct 2007 08:45:17 +0000 |
parents | d94432a338ab |
children | 17e605dd2de1 |
comparison
equal
deleted
inserted
replaced
20745:61fc6514aafb | 20746:27f85efa6505 |
---|---|
1370 /* Attempt to look up the last certificate's issuer */ | 1370 /* Attempt to look up the last certificate's issuer */ |
1371 ca_id = purple_certificate_get_issuer_unique_id(end_crt); | 1371 ca_id = purple_certificate_get_issuer_unique_id(end_crt); |
1372 purple_debug_info("certificate/x509/tls_cached", | 1372 purple_debug_info("certificate/x509/tls_cached", |
1373 "Checking for a CA with DN=%s\n", | 1373 "Checking for a CA with DN=%s\n", |
1374 ca_id); | 1374 ca_id); |
1375 if ( !purple_certificate_pool_contains(ca, ca_id) ) { | 1375 ca_crt = purple_certificate_pool_retrieve(ca, ca_id); |
1376 if ( NULL == ca_crt ) { | |
1376 purple_debug_info("certificate/x509/tls_cached", | 1377 purple_debug_info("certificate/x509/tls_cached", |
1377 "Certificate Authority with DN='%s' not " | 1378 "Certificate Authority with DN='%s' not " |
1378 "found. I'll prompt the user, I guess.\n", | 1379 "found. I'll prompt the user, I guess.\n", |
1379 ca_id); | 1380 ca_id); |
1380 g_free(ca_id); | 1381 g_free(ca_id); |
1383 "one claims to be issued by " | 1384 "one claims to be issued by " |
1384 "is unknown to Pidgin.")); | 1385 "is unknown to Pidgin.")); |
1385 return; | 1386 return; |
1386 } | 1387 } |
1387 | 1388 |
1388 ca_crt = purple_certificate_pool_retrieve(ca, ca_id); | |
1389 g_free(ca_id); | 1389 g_free(ca_id); |
1390 if (!ca_crt) { | |
1391 purple_debug_error("certificate/x509/tls_cached", | |
1392 "Certificate authority disappeared out " | |
1393 "underneath me!\n"); | |
1394 purple_certificate_verify_complete(vrq, | |
1395 PURPLE_CERTIFICATE_INVALID); | |
1396 return; | |
1397 } | |
1398 | 1390 |
1399 /* Check the signature */ | 1391 /* Check the signature */ |
1400 if ( !purple_certificate_signed_by(end_crt, ca_crt) ) { | 1392 if ( !purple_certificate_signed_by(end_crt, ca_crt) ) { |
1401 /* TODO: If signed_by ever returns a reason, maybe mention | 1393 /* TODO: If signed_by ever returns a reason, maybe mention |
1402 that, too. */ | 1394 that, too. */ |