Mercurial > pidgin.yaz
comparison libpurple/certificate.c @ 19008:7fd9bd55f8d0
- Add certificate_check_subject_name and associated machinery
- Update GnuTLS to support the above
- tls_cached verifier now uses check_subject_name instead of strcmp
| author | William Ehlhardt <williamehlhardt@gmail.com> |
|---|---|
| date | Mon, 09 Jul 2007 03:47:36 +0000 |
| parents | b207701cb5a3 |
| children | b64aa0222a7a |
comparison
equal
deleted
inserted
replaced
| 19007:8228c5b1d181 | 19008:7fd9bd55f8d0 |
|---|---|
| 184 subject_name = (scheme->get_subject_name)(crt); | 184 subject_name = (scheme->get_subject_name)(crt); |
| 185 | 185 |
| 186 return subject_name; | 186 return subject_name; |
| 187 } | 187 } |
| 188 | 188 |
| 189 gboolean | |
| 190 purple_certificate_check_subject_name(PurpleCertificate *crt, const gchar *name) | |
| 191 { | |
| 192 PurpleCertificateScheme *scheme; | |
| 193 | |
| 194 g_return_val_if_fail(crt, FALSE); | |
| 195 g_return_val_if_fail(crt->scheme, FALSE); | |
| 196 g_return_val_if_fail(name, FALSE); | |
| 197 | |
| 198 scheme = crt->scheme; | |
| 199 | |
| 200 /* TODO: Instead of failing, maybe use get_subject_name and strcmp? */ | |
| 201 g_return_val_if_fail(scheme->check_subject_name, FALSE); | |
| 202 | |
| 203 return (scheme->check_subject_name)(crt, name); | |
| 204 } | |
| 205 | |
| 206 | |
| 189 gchar * | 207 gchar * |
| 190 purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id) | 208 purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id) |
| 191 { | 209 { |
| 192 gchar *path; | 210 gchar *path; |
| 193 | 211 |
| 479 | 497 |
| 480 /* Get the cert Common Name */ | 498 /* Get the cert Common Name */ |
| 481 cn = purple_certificate_get_subject_name(crt); | 499 cn = purple_certificate_get_subject_name(crt); |
| 482 | 500 |
| 483 /* Determine whether the name matches */ | 501 /* Determine whether the name matches */ |
| 484 /* TODO: Worry about strcmp safety? */ | 502 if (purple_certificate_check_subject_name(crt, vrq->subject_name)) { |
| 485 if (!strcmp(cn, vrq->subject_name)) { | |
| 486 cn_match = _(""); | 503 cn_match = _(""); |
| 487 } else { | 504 } else { |
| 488 cn_match = _("(DOES NOT MATCH)"); | 505 cn_match = _("(DOES NOT MATCH)"); |
| 489 } | 506 } |
| 490 | 507 |