# HG changeset patch
# User William Ehlhardt
# Date 1186889813 0
# Node ID dd9f69ebaae8ae818d91cd964df02f7697d61932
# Parent f96b53df8d171b9e70a1ee1a54ebd8201272c7c5
In x509_ca pool: - More skeletonizing, including a partial "lazy initialization" implementation to get around the problem of x509_ca requiring an x509 Scheme to be registered before it can properly init. - Cosmetics
diff -r f96b53df8d17 -r dd9f69ebaae8 libpurple/certificate.c
--- a/libpurple/certificate.c Sun Aug 12 03:06:47 2007 +0000
+++ b/libpurple/certificate.c Sun Aug 12 03:36:53 2007 +0000
@@ -587,11 +587,52 @@
 
 /***** X.509 Certificate Authority pool, keyed by Distinguished Name *****/
 
+/* This is implemented in what may be the most inefficient and bugprone way
+ possible; however, future optimizations should not be difficult. */
+
 static PurpleCertificatePool x509_ca;
 
+/** Holds a key-value pair for quickish certificate lookup */
+typedef struct {
+ gchar *dn;
+ PurpleCertificate *crt;
+} x509_ca_element;
+
+/** System directory to probe for CA certificates */
+/* TODO: The current path likely won't work on anything but Debian! Fix! */
+static const gchar *x509_ca_syspath = "/etc/ssl/certs/";
+
+/** A list of loaded CAs, populated from the above path whenever the lazy_init
+ happens. Contains pointers to x509_ca_elements */
+static GList *x509_ca_certs = NULL;
+
+/** Used for lazy initialization purposes. */
+static gboolean x509_ca_initialized = FALSE;
+
+static gboolean
+x509_ca_lazy_init(void)
+{
+ if (x509_ca_initialized) return TRUE;
+
+ /* Populate the certificates pool from the system path */
+ /* TODO: Writeme! */
+
+ x509_ca_initialized = TRUE;
+ return TRUE;
+}
+
 static gboolean
 x509_ca_init(void)
 {
+ /* Attempt to initialize now, but if it doesn't work, that's OK;
+ it will get done later */
+ if ( ! x509_ca_lazy_init()) {
+ purple_debug_info("certificate/x509/ca",
+ "Lazy init failed, probably because a "
+ "dependency is not yet registered. "
+ "It has been deferred to later.\n");
+ }
+
 return TRUE;
 }
 
@@ -605,7 +646,8 @@
 x509_ca_cert_in_pool(const gchar *id)
 {
 gboolean ret = FALSE;
-
+
+ g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
 g_return_val_if_fail(id, FALSE);
 
 return ret;
@@ -616,7 +658,8 @@
 {
 PurpleCertificateScheme *x509;
 PurpleCertificate *crt = NULL;
-
+
+ g_return_val_if_fail(x509_ca_lazy_init(), NULL);
 g_return_val_if_fail(id, NULL);
 
 /* Is it in the pool? */
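Review bot: `x509_ca_lazy_init()` sets `x509_ca_initialized = TRUE` and returns TRUE although nothing has been loaded and nothing checks that the X.509 scheme is registered. The first call, made from `x509_ca_init()`, therefore latches the pool as initialized while it is still empty, no later call retries, and the "Lazy init failed" branch in `x509_ca_init()` cannot be reached as written. For a trust-anchor store the contract should be written down before the loader lands, for example `/* TODO: set x509_ca_initialized only after the x509 scheme is found and x509_ca_syspath has been read; return FALSE otherwise so a later call retries */`. When the loader is added, an unreadable or empty `x509_ca_syspath` should surface as a failure rather than as an initialized pool with zero CAs.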
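Review bot: In `x509_ca_cert_in_pool()` the added `g_return_val_if_fail(x509_ca_lazy_init(), FALSE);` puts a call with side effects inside a GLib precondition macro; when GLib is built with `G_DISABLE_CHECKS` the macro expands to nothing, so the lazy initialization would never run. A deferred init is also an expected runtime state rather than a programmer error, yet a failure here is logged as a critical (fatal under `G_DEBUG=fatal-criticals`). An explicit test such as `if (!x509_ca_lazy_init()) return FALSE;` keeps the call unconditional. The same applies to the lines added in the four later hunks, returning `NULL` where the function returns a pointer. The function bodies continue outside these hunks.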
@@ -636,6 +679,7 @@
 {
 gboolean ret = FALSE;
 
+ g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
 g_return_val_if_fail(crt, FALSE);
 g_return_val_if_fail(crt->scheme, FALSE);
 /* Make sure that this is some kind of X.509 certificate */
@@ -650,11 +694,12 @@
 {
 gboolean ret = FALSE;
 
+ g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
 g_return_val_if_fail(id, FALSE);
 
 /* Is the id even in the pool? */
 if (!x509_ca_cert_in_pool(id)) {
- purple_debug_warning("certificate/ca",
+ purple_debug_warning("certificate/x509/ca",
 "Id %s wasn't in the pool\n",
 id);
 return FALSE;
@@ -666,6 +711,7 @@
 static GList *
 x509_ca_get_idlist(void)
 {
+ g_return_val_if_fail(x509_ca_lazy_init(), NULL);
 return NULL;
 }
 