Mercurial > pidgin.yaz
changeset 18942:02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
own VerificationRequest, amd may callback immediately
author | William Ehlhardt <williamehlhardt@gmail.com> |
---|---|
date | Sat, 23 Jun 2007 00:04:49 +0000 |
parents | 425f494bd1ec |
children | c519ff185569 |
files | libpurple/certificate.c libpurple/certificate.h |
diffstat | 2 files changed, 44 insertions(+), 10 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/certificate.c Fri Jun 22 23:30:26 2007 +0000 +++ b/libpurple/certificate.c Sat Jun 23 00:04:49 2007 +0000 @@ -37,30 +37,35 @@ static GList *cert_verifiers = NULL; void -purple_certificate_verify (PurpleCertificateVerificationRequest *vrq, - gchar *scheme_name, gchar *ver_name, - gchar *subject_name, GList *cert_chain, +purple_certificate_verify (PurpleCertificateVerifier *verifier, + const gchar *subject_name, GList *cert_chain, PurpleCertificateVerifiedCallback cb, gpointer cb_data) { + PurpleCertificateVerificationRequest *vrq; PurpleCertificateScheme *scheme; - PurpleCertificateVerifier *verifier; - g_return_val_if_fail(ver_name != NULL, NULL); - g_return_val_if_fail(subject_name != NULL, NULL); + g_return_if_fail(subject_name != NULL); /* If you don't have a cert to check, why are you requesting that it be verified? */ - g_return_val_if_fail(cert_chain != NULL, NULL); - g_return_val_if_fail(cb != NULL, NULL); + g_return_if_fail(cert_chain != NULL); + g_return_if_fail(cb != NULL); - /* Locate the verifier, first */ + /* Look up the CertificateScheme */ + scheme = purple_certificate_find_scheme(verifier->scheme_name); + g_return_if_fail(scheme); /* Construct and fill in the request fields */ vrq = g_new(PurpleCertificateVerificationRequest, 1); + vrq->verifier = verifier; + vrq->scheme = scheme; + vrq->subject_name = g_strdup(subject_name); vrq->cert_chain = cert_chain; vrq->cb = cb; vrq->cb_data = cb_data; - vrq->subject_name = g_strdup(subject_name); + + /* Initiate verification */ + (verifier->start_verification)(vrq); } PurpleCertificateScheme *
--- a/libpurple/certificate.h Fri Jun 22 23:30:26 2007 +0000 +++ b/libpurple/certificate.h Sat Jun 23 00:04:49 2007 +0000 @@ -204,6 +204,7 @@ * * This is looked up from the Verifier when the Request is generated */ + PurpleCertificateScheme *scheme; /** * Name to check that the certificate is issued to @@ -228,6 +229,34 @@ gpointer cb_data; }; +/** + * Constructs a verification request and passed control to the specified Verifier + * + * It is possible that the callback will be called immediately upon calling + * this function. Plan accordingly. + * + * @param verifier Verification logic to use. + * @see purple_certificate_find_verifier() + * + * @param subject_name Name that should match the first certificate in the + * chain for the certificate to be valid. Will be strdup'd + * into the Request struct + * + * @param cert_chain Certificate chain to check. If there is more than one + * certificate in the chain (X.509), the peer's + * certificate comes first, then the issuer/signer's + * certificate, etc. + * + * @param cb Callback function to be called with whether the + * certificate was approved or not. + * @param cb_data User-defined data for the above. + */ +void +purple_certificate_verify (PurpleCertificateVerifier *verifier, + const gchar *subject_name, GList *cert_chain, + PurpleCertificateVerifiedCallback cb, + gpointer cb_data); + /*****************************************************************************/ /** @name PurpleCertificate Subsystem API */ /*****************************************************************************/