Mercurial > pidgin.yaz

changeset 23799:d7c62b220ed0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Patch to fully enable NSS SSL Certificates from #6500. Thanks to Lou Cipher for the patch
author William Ehlhardt <williamehlhardt@gmail.com>
date Thu, 14 Aug 2008 22:54:29 +0000
parents 79346eb75cca
children 82bc9f6fa234
files libpurple/plugins/ssl/ssl-nss.c
diffstat 1 files changed, 115 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/plugins/ssl/ssl-nss.c	Thu Aug 14 21:39:12 2008 +0000
+++ b/libpurple/plugins/ssl/ssl-nss.c	Thu Aug 14 22:54:29 2008 +0000
@@ -60,6 +60,7 @@
 
 static const PRIOMethods *_nss_methods = NULL;
 static PRDescIdentity _identity;
+static PurpleCertificateScheme x509_nss;
 
 /* Thank you, Evolution */
 static void
@@ -172,6 +173,7 @@
 #endif
 }
 
+#if 0
 static SECStatus
 ssl_bad_cert(void *arg, PRFileDesc *socket)
 {
@@ -211,6 +213,7 @@
 
 	return status;
 }
+#endif
 
 static gboolean
 ssl_nss_init(void)
@@ -227,6 +230,82 @@
 }
 
 static void
+ssl_nss_verified_cb(PurpleCertificateVerificationStatus st,
+		       gpointer userdata)
+{
+	PurpleSslConnection *gsc = (PurpleSslConnection *) userdata;
+
+	if (st == PURPLE_CERTIFICATE_VALID) {
+		/* Certificate valid? Good! Do the connection! */
+		gsc->connect_cb(gsc->connect_cb_data, gsc, PURPLE_INPUT_READ);
+	} else {
+		/* Otherwise, signal an error */
+		if(gsc->error_cb != NULL)
+			gsc->error_cb(gsc, PURPLE_SSL_CERTIFICATE_INVALID,
+				      gsc->connect_cb_data);
+		purple_ssl_close(gsc);
+	}
+}
+
+/** Transforms an NSS containing an X.509 certificate into a Certificate instance
+ *
+ * @param cert   Certificate to transform
+ * @return A newly allocated Certificate
+ */
+static PurpleCertificate *
+x509_import_from_nss(CERTCertificate* cert)
+{
+	/* New certificate to return */
+	PurpleCertificate * crt;
+
+	/* Allocate the certificate and load it with data */
+	crt = g_new0(PurpleCertificate, 1);
+	crt->scheme = &x509_nss;
+	crt->data = CERT_DupCertificate(cert);
+
+	return crt;
+}
+
+static GList *
+ssl_nss_get_peer_certificates(PRFileDesc *socket, PurpleSslConnection * gsc)
+{
+	CERTCertificate *curcert;
+	CERTCertificate *issuerCert;
+	PurpleCertificate * newcrt;
+
+	/* List of Certificate instances to return */
+	GList * peer_certs = NULL;
+	int count;
+	int64 now = PR_Now();
+	
+	curcert = SSL_PeerCertificate(socket);
+	if (curcert == NULL) {
+		purple_debug_error("nss", "could not DupCertificate\n");
+		return NULL;
+	}
+	
+	for (count = 0 ; count < CERT_MAX_CERT_CHAIN ; count++) {
+		purple_debug_info("nss", "subject=%s issuer=%s\n", curcert->subjectName, curcert->issuerName);
+		newcrt = x509_import_from_nss(curcert);
+		peer_certs = g_list_append(peer_certs, newcrt);
+
+		if (curcert->isRoot) {
+			break;
+		}
+		issuerCert = CERT_FindCertIssuer(curcert, now, certUsageSSLServer);
+		if (!issuerCert) {
+			purple_debug_error("nss", "partial certificate chain\n");
+			break;
+		}
+		CERT_DestroyCertificate(curcert);
+		curcert = issuerCert;
+	}
+	CERT_DestroyCertificate(curcert);
+
+	return peer_certs;
+}
+
+static void
 ssl_nss_handshake_cb(gpointer data, int fd, PurpleInputCondition cond)
 {
 	PurpleSslConnection *gsc = (PurpleSslConnection *)data;
@@ -256,7 +335,25 @@
 	purple_input_remove(nss_data->handshake_handler);
 	nss_data->handshake_handler = 0;
 
-	gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
+	/* If a Verifier was given, hand control over to it */
+	if (gsc->verifier) {
+		GList *peers;
+		/* First, get the peer cert chain */
+		peers = ssl_nss_get_peer_certificates(nss_data->in, gsc);
+
+		/* Now kick off the verification process */
+		purple_certificate_verify(gsc->verifier,
+				gsc->host,
+				peers,
+				ssl_nss_verified_cb,
+				gsc);
+
+		purple_certificate_destroy_list(peers);
+	} else {
+		/* Otherwise, just call the "connection complete"
+		   callback */
+		gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
+	}
 }
 
 static void
@@ -310,7 +407,10 @@
 	SSL_AuthCertificateHook(nss_data->in,
 							(SSLAuthCertificate)ssl_auth_cert,
 							(void *)CERT_GetDefaultCertDB());
+#if 0
+	/* No point in hooking BadCert, since ssl_auth_cert always succeeds */
 	SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL);
+#endif
 
 	if(gsc->host)
 		SSL_SetURL(nss_data->in, gsc->host);
@@ -566,7 +666,20 @@
 x509_signed_by(PurpleCertificate * crt,
 	       PurpleCertificate * issuer)
 {
-	return TRUE;
+	CERTCertificate *subjectCert;
+	CERTCertificate *issuerCert;
+	SECStatus st;
+	
+	issuerCert = X509_NSS_DATA(issuer);
+	g_return_val_if_fail(issuerCert, FALSE);
+
+	subjectCert = X509_NSS_DATA(crt);
+	g_return_val_if_fail(subjectCert, FALSE);
+
+	if ( PORT_Strcmp(subjectCert->issuerName, issuerCert->subjectName) != 0 )
+		return FALSE;
+	st = CERT_VerifySignedData(&subjectCert->signatureWrap, issuerCert, PR_Now(), NULL);
+	return st == SECSuccess;
 }
 
 static GByteArray *