Mercurial > pidgin.yaz

diff libpurple/certificate.c @ 19008:7fd9bd55f8d0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
- Add certificate_check_subject_name and associated machinery - Update GnuTLS to support the above - tls_cached verifier now uses check_subject_name instead of strcmp
author William Ehlhardt <williamehlhardt@gmail.com>
date Mon, 09 Jul 2007 03:47:36 +0000
parents b207701cb5a3
children b64aa0222a7a
line wrap: on
line diff
--- a/libpurple/certificate.c	Mon Jul 09 03:26:18 2007 +0000
+++ b/libpurple/certificate.c	Mon Jul 09 03:47:36 2007 +0000
@@ -186,6 +186,24 @@
 	return subject_name;
 }
 
+gboolean
+purple_certificate_check_subject_name(PurpleCertificate *crt, const gchar *name)
+{
+	PurpleCertificateScheme *scheme;
+
+	g_return_val_if_fail(crt, FALSE);
+	g_return_val_if_fail(crt->scheme, FALSE);
+	g_return_val_if_fail(name, FALSE);
+
+	scheme = crt->scheme;
+
+	/* TODO: Instead of failing, maybe use get_subject_name and strcmp? */
+	g_return_val_if_fail(scheme->check_subject_name, FALSE);
+
+	return (scheme->check_subject_name)(crt, name);
+}
+
+
 gchar *
 purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id)
 {
@@ -481,8 +499,7 @@
 	cn = purple_certificate_get_subject_name(crt);
 
 	/* Determine whether the name matches */
-	/* TODO: Worry about strcmp safety? */
-	if (!strcmp(cn, vrq->subject_name)) {
+	if (purple_certificate_check_subject_name(crt, vrq->subject_name)) {
 		cn_match = _("");
 	} else {
 		cn_match = _("(DOES NOT MATCH)");