Mercurial > pidgin.yaz
changeset 18186:80c909c5bb7a
- Add a mode switch to allow DER or PEM imports (necessary because SSL certs
come over the wire in DER, but PEM is used as the local x509 cert
format
| author | William Ehlhardt <williamehlhardt@gmail.com> |
|---|---|
| date | Tue, 19 Jun 2007 15:33:56 +0000 |
| parents | 150689f4b56d |
| children | 33690062e8b3 |
| files | libpurple/plugins/ssl/ssl-gnutls.c |
| diffstat | 1 files changed, 11 insertions(+), 6 deletions(-) [+] |
line wrap: on
line diff
--- a/libpurple/plugins/ssl/ssl-gnutls.c Mon Jun 18 16:26:21 2007 +0000 +++ b/libpurple/plugins/ssl/ssl-gnutls.c Tue Jun 19 15:33:56 2007 +0000 @@ -296,7 +296,7 @@ /* Forward declarations are fun! TODO: This is a stupid place for this */ static Certificate * -x509_import_from_datum(const gnutls_datum_t dt); +x509_import_from_datum(const gnutls_datum_t dt, gnutls_x509_crt_fmt_t mode); static GList * ssl_gnutls_get_peer_certificates(PurpleSslConnection * gsc) @@ -322,7 +322,8 @@ /* Convert each certificate to a Certificate and append it to the list */ for (i = 0; i < cert_list_size; i++) { - Certificate * newcrt = x509_import_from_datum(cert_list[i]); + Certificate * newcrt = x509_import_from_datum(cert_list[i], + GNUTLS_X509_FMT_DER); /* Append is somewhat inefficient on linked lists, but is easy to read. If someone complains, I'll change it. TODO: Is anyone complaining? (Maybe elb?) */ @@ -348,12 +349,15 @@ /** Transforms a gnutls_datum_t containing an X.509 certificate into a Certificate instance under the x509_gnutls scheme * - * @param dt Datum to transform + * @param dt Datum to transform + * @param mode GnuTLS certificate format specifier (GNUTLS_X509_FMT_PEM for + * reading from files, and GNUTLS_X509_FMT_DER for converting + * "over the wire" certs for SSL) * * @return A newly allocated Certificate structure of the x509_gnutls scheme */ static Certificate * -x509_import_from_datum(const gnutls_datum_t dt) +x509_import_from_datum(const gnutls_datum_t dt, gnutls_x509_crt_fmt_t mode) { /* Internal certificate data structure */ gnutls_x509_crt_t *certdat; @@ -366,7 +370,7 @@ /* Perform the actual certificate parse */ /* Yes, certdat SHOULD be dereferenced */ - gnutls_x509_crt_import(*certdat, &dt, GNUTLS_X509_FMT_PEM); + gnutls_x509_crt_import(*certdat, &dt, mode); /* Allocate the certificate and load it with data */ crt = g_new(Certificate, 1); @@ -408,7 +412,8 @@ dt.size = buf_sz; /* Perform the conversion */ - crt = x509_import_from_datum(dt); + crt = x509_import_from_datum(dt, + GNUTLS_X509_FMT_PEM); // files should be in PEM format /* Cleanup */ g_free(buf);