Mercurial > pidgin
annotate libpurple/certificate.c @ 31373:6c660dc7cb6a
Moved the conversation attributes API and the IRC periodic WHO updates to i.p.p.next.minor, where they belong.
applied changes from 3de680fff7ddd1b00149657afb7f6cd833000a90
through 7ee5e1d431651ed2b1a54bc942d63f35580af55c
applied changes from e7c103fdfbc59bb2ca41a3c8813c4ff2847a673f
through 22937ab220c41cd0c4a3f9e21e3db687db80da75
applied changes from 22937ab220c41cd0c4a3f9e21e3db687db80da75
through cba010d1c097d4e6599f08276ed9d894710c1074
applied changes from a694289accbec14c593b3636ef1f626fd8279805
through 8a43e3ddd7adacb208afe2d7ee3ea983c95901be
author | Evan Schoenberg <evan.s@dreskin.net> |
---|---|
date | Mon, 21 Feb 2011 23:08:47 +0000 |
parents | e89df17f5ae7 |
children | a3b1dcf433b5 |
rev | line source |
---|---|
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1 /** |
19075 | 2 * @file certificate.c Public-Key Certificate API |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
3 * @ingroup core |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
4 */ |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
5 |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
6 /* |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
7 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
8 * purple |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
9 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
10 * Purple is the legal property of its developers, whose names are too numerous |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
11 * to list here. Please refer to the COPYRIGHT file distributed with this |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
12 * source distribution. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
13 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
14 * This program is free software; you can redistribute it and/or modify |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
15 * it under the terms of the GNU General Public License as published by |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
16 * the Free Software Foundation; either version 2 of the License, or |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
17 * (at your option) any later version. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
18 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
19 * This program is distributed in the hope that it will be useful, |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
22 * GNU General Public License for more details. |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
23 * |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
24 * You should have received a copy of the GNU General Public License |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
25 * along with this program; if not, write to the Free Software |
19681
44b4e8bd759b
The FSF changed its address a while ago; our files were out of date.
John Bailey <rekkanoryo@rekkanoryo.org>
parents:
19649
diff
changeset
|
26 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
27 */ |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
28 |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
29 #include "internal.h" |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
30 #include "certificate.h" |
19517
7bea9c9fd2a5
(Un)Register the pools with DBus to avoid a runtime fit.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19515
diff
changeset
|
31 #include "dbus-maybe.h" |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
32 #include "debug.h" |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
33 #include "request.h" |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19034
diff
changeset
|
34 #include "signals.h" |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
35 #include "util.h" |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
36 |
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
37 /** List holding pointers to all registered certificate schemes */ |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
38 static GList *cert_schemes = NULL; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
39 /** List of registered Verifiers */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
40 static GList *cert_verifiers = NULL; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
41 /** List of registered Pools */ |
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18964
diff
changeset
|
42 static GList *cert_pools = NULL; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
43 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
44 /* |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
45 * TODO: Merge this with PurpleCertificateVerificationStatus for 3.0.0 */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
46 typedef enum { |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
47 PURPLE_CERTIFICATE_UNKNOWN_ERROR = -1, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
48 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
49 /* Not an error */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
50 PURPLE_CERTIFICATE_NO_PROBLEMS = 0, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
51 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
52 /* Non-fatal */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
53 PURPLE_CERTIFICATE_NON_FATALS_MASK = 0x0000FFFF, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
54 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
55 /* The certificate is self-signed. */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
56 PURPLE_CERTIFICATE_SELF_SIGNED = 0x01, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
57 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
58 /* The CA is not in libpurple's pool of certificates. */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
59 PURPLE_CERTIFICATE_CA_UNKNOWN = 0x02, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
60 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
61 /* The current time is before the certificate's specified |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
62 * activation time. |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
63 */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
64 PURPLE_CERTIFICATE_NOT_ACTIVATED = 0x04, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
65 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
66 /* The current time is after the certificate's specified expiration time */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
67 PURPLE_CERTIFICATE_EXPIRED = 0x08, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
68 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
69 /* The certificate's subject name doesn't match the expected */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
70 PURPLE_CERTIFICATE_NAME_MISMATCH = 0x10, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
71 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
72 /* No CA pool was found. This shouldn't happen... */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
73 PURPLE_CERTIFICATE_NO_CA_POOL = 0x20, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
74 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
75 /* Fatal */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
76 PURPLE_CERTIFICATE_FATALS_MASK = 0xFFFF0000, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
77 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
78 /* The signature chain could not be validated. Due to limitations in the |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
79 * the current API, this also indicates one of the CA certificates in the |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
80 * chain is expired (or not yet activated). FIXME 3.0.0 */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
81 PURPLE_CERTIFICATE_INVALID_CHAIN = 0x10000, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
82 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
83 /* The signature has been revoked. */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
84 PURPLE_CERTIFICATE_REVOKED = 0x20000, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
85 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
86 PURPLE_CERTIFICATE_LAST = 0x40000, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
87 } PurpleCertificateInvalidityFlags; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
88 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
89 static const gchar * |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
90 invalidity_reason_to_string(PurpleCertificateInvalidityFlags flag) |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
91 { |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
92 switch (flag) { |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
93 case PURPLE_CERTIFICATE_SELF_SIGNED: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
94 return _("The certificate is self-signed and cannot be " |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
95 "automatically checked."); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
96 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
97 case PURPLE_CERTIFICATE_CA_UNKNOWN: |
28356
8e6c1408e430
Some wordsmithing on this message from Y S Landro, Richard, William, and Kevin (on the translators m-l).
Paul Aurich <paul@darkrain42.org>
parents:
28245
diff
changeset
|
98 return _("The certificate is not trusted because no certificate " |
8e6c1408e430
Some wordsmithing on this message from Y S Landro, Richard, William, and Kevin (on the translators m-l).
Paul Aurich <paul@darkrain42.org>
parents:
28245
diff
changeset
|
99 "that can verify it is currently trusted."); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
100 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
101 case PURPLE_CERTIFICATE_NOT_ACTIVATED: |
30219
ebc34634e592
certificate: Add helpful text to the 'not yet active' message.
Paul Aurich <paul@darkrain42.org>
parents:
29699
diff
changeset
|
102 return _("The certificate is not valid yet. Check that your " |
ebc34634e592
certificate: Add helpful text to the 'not yet active' message.
Paul Aurich <paul@darkrain42.org>
parents:
29699
diff
changeset
|
103 "computer's date and time are accurate."); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
104 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
105 case PURPLE_CERTIFICATE_EXPIRED: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
106 return _("The certificate has expired and should not be " |
30573
22a713532200
cert: Tell users to check their computer's date/time for expired certs, too
Paul Aurich <paul@darkrain42.org>
parents:
30219
diff
changeset
|
107 "considered valid. Check that your computer's date " |
22a713532200
cert: Tell users to check their computer's date/time for expired certs, too
Paul Aurich <paul@darkrain42.org>
parents:
30219
diff
changeset
|
108 "and time are accurate."); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
109 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
110 case PURPLE_CERTIFICATE_NAME_MISMATCH: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
111 /* Translators: "domain" refers to a DNS domain (e.g. talk.google.com) */ |
28056
694c8aa30300
String change feedback from Stu.
Paul Aurich <paul@darkrain42.org>
parents:
28051
diff
changeset
|
112 return _("The certificate presented is not issued to this domain."); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
113 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
114 case PURPLE_CERTIFICATE_NO_CA_POOL: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
115 return _("You have no database of root certificates, so " |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
116 "this certificate cannot be validated."); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
117 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
118 case PURPLE_CERTIFICATE_INVALID_CHAIN: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
119 return _("The certificate chain presented is invalid."); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
120 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
121 case PURPLE_CERTIFICATE_REVOKED: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
122 return _("The certificate has been revoked."); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
123 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
124 case PURPLE_CERTIFICATE_UNKNOWN_ERROR: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
125 default: |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
126 return _("An unknown certificate error occurred."); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
127 break; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
128 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
129 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
130 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
131 void |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
132 purple_certificate_verify (PurpleCertificateVerifier *verifier, |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
133 const gchar *subject_name, GList *cert_chain, |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
134 PurpleCertificateVerifiedCallback cb, |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
135 gpointer cb_data) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
136 { |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
137 PurpleCertificateVerificationRequest *vrq; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
138 PurpleCertificateScheme *scheme; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
139 |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
140 g_return_if_fail(subject_name != NULL); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
141 /* If you don't have a cert to check, why are you requesting that it |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
142 be verified? */ |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
143 g_return_if_fail(cert_chain != NULL); |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
144 g_return_if_fail(cb != NULL); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
145 |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
146 /* Look up the CertificateScheme */ |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
147 scheme = purple_certificate_find_scheme(verifier->scheme_name); |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
148 g_return_if_fail(scheme); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
149 |
18943
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
150 /* Check that at least the first cert in the chain matches the |
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
151 Verifier scheme */ |
18960
6831c126bcf3
- Fixed an inverted assertion
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18957
diff
changeset
|
152 g_return_if_fail(scheme == |
18943
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
153 ((PurpleCertificate *) (cert_chain->data))->scheme); |
c519ff185569
- purple_certificate_verify attempts to check that the cert chain is of
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18942
diff
changeset
|
154 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
155 /* Construct and fill in the request fields */ |
18949
8902f0d7e40f
- Use g_new0 instead of g_new
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18947
diff
changeset
|
156 vrq = g_new0(PurpleCertificateVerificationRequest, 1); |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
157 vrq->verifier = verifier; |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
158 vrq->scheme = scheme; |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
159 vrq->subject_name = g_strdup(subject_name); |
19021
fcca10d0ac7d
- purple_certificate_verify no longer takes possession of the
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19020
diff
changeset
|
160 vrq->cert_chain = purple_certificate_copy_list(cert_chain); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
161 vrq->cb = cb; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
162 vrq->cb_data = cb_data; |
18942
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
163 |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
164 /* Initiate verification */ |
02102eccc4be
- purple_certificate_verify now takes a Verifier argument, creates its
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18941
diff
changeset
|
165 (verifier->start_verification)(vrq); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
166 } |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
167 |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
168 void |
19088
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
169 purple_certificate_verify_complete(PurpleCertificateVerificationRequest *vrq, |
| 170 PurpleCertificateVerificationStatus st) |
| 171 { |
| 172 PurpleCertificateVerifier *vr; |
| 173 |
| 174 g_return_if_fail(vrq); |
| 175 |
20747
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
176 if (st == PURPLE_CERTIFICATE_VALID) { |
| 177 purple_debug_info("certificate", |
| 178 "Successfully verified certificate for %s\n", |
| 179 vrq->subject_name); |
| 180 } else { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
181 purple_debug_error("certificate", |
20747
17e605dd2de1
- Debugging babble in purple_verify_complete to tell final verification
William Ehlhardt <williamehlhardt@gmail.com>
parents:
20746
diff
changeset
|
182 "Failed to verify certificate for %s\n", |
| 183 vrq->subject_name); |
| 184 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
185 |
19088
f5802217844d
- Add verify_complete, which should deprecate verify_destroy
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19086
diff
changeset
|
186 /* Pass the results on to the request's callback */ |
| 187 (vrq->cb)(st, vrq->cb_data); |
| 188 |
| 189 /* And now to eliminate the request */ |
| 190 /* Fetch the Verifier responsible... */ |
| 191 vr = vrq->verifier; |
| 192 /* ...and order it to KILL */ |
| 193 (vr->destroy_request)(vrq); |
| 194 |
| 195 /* Now the internals have been cleaned up, so clean up the libpurple- |
| 196 created elements */ |
| 197 g_free(vrq->subject_name); |
| 198 purple_certificate_destroy_list(vrq->cert_chain); |
| 199 |
| 200 /* A structure born |
| 201 * to much ado |
| 202 * and with so much within. |
| 203 * It reaches now |
| 204 * its quiet end. */ |
| 205 g_free(vrq); |
| 206 } |
| 207 |
| 208 |
19018
d6f902265076
- Add purple_certificate_copy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
209 PurpleCertificate * |
| 210 purple_certificate_copy(PurpleCertificate *crt) |
| 211 { |
| 212 g_return_val_if_fail(crt, NULL); |
| 213 g_return_val_if_fail(crt->scheme, NULL); |
| 214 g_return_val_if_fail(crt->scheme->copy_certificate, NULL); |
| 215 |
| 216 return (crt->scheme->copy_certificate)(crt); |
| 217 } |
18947
3c6bf77bf7c4
- Add purple_certificate_verify_destroy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18946
diff
changeset
|
218 |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
219 GList * |
| 220 purple_certificate_copy_list(GList *crt_list) |
| 221 { |
24270
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
222 GList *new_l, *l; |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
223 |
| 224 /* First, make a shallow copy of the list */ |
24270
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
225 new_l = g_list_copy(crt_list); |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
226 |
| 227 /* Now go through and actually duplicate each certificate */ |
24270
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
228 for (l = new_l; l; l = l->next) { |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
229 l->data = purple_certificate_copy(l->data); |
| 230 } |
| 231 |
24270
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
232 return new_l; |
19020
d69355001a6e
- Add purple_certificate_copy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19018
diff
changeset
|
233 } |
| 234 |
18947
3c6bf77bf7c4
- Add purple_certificate_verify_destroy and associated machinery
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18946
diff
changeset
|
235 void |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
236 purple_certificate_destroy (PurpleCertificate *crt) |
| 237 { |
| 238 PurpleCertificateScheme *scheme; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
239 |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
240 if (NULL == crt) return; |
| 241 |
| 242 scheme = crt->scheme; |
| 243 |
| 244 (scheme->destroy_certificate)(crt); |
| 245 } |
| 246 |
| 247 void |
| 248 purple_certificate_destroy_list (GList * crt_list) |
| 249 { |
| 250 PurpleCertificate *crt; |
| 251 GList *l; |
| 252 |
| 253 for (l=crt_list; l; l = l->next) { |
| 254 crt = (PurpleCertificate *) l->data; |
| 255 purple_certificate_destroy(crt); |
| 256 } |
| 257 |
| 258 g_list_free(crt_list); |
| 259 } |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
260 |
19076
daa68185a018
- Add purple_certificate_signed_by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19075
diff
changeset
|
261 gboolean |
| 262 purple_certificate_signed_by(PurpleCertificate *crt, PurpleCertificate *issuer) |
| 263 { |
| 264 PurpleCertificateScheme *scheme; |
| 265 |
| 266 g_return_val_if_fail(crt, FALSE); |
| 267 g_return_val_if_fail(issuer, FALSE); |
| 268 |
| 269 scheme = crt->scheme; |
| 270 g_return_val_if_fail(scheme, FALSE); |
| 271 /* We can't compare two certs of unrelated schemes, obviously */ |
| 272 g_return_val_if_fail(issuer->scheme == scheme, FALSE); |
| 273 |
| 274 return (scheme->signed_by)(crt, issuer); |
| 275 } |
| 276 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
277 gboolean |
27671
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27669
diff
changeset
|
278 purple_certificate_check_signature_chain_with_failing(GList *chain, |
| 279 PurpleCertificate **failing) |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
280 { |
| 281 GList *cur; |
| 282 PurpleCertificate *crt, *issuer; |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
283 gchar *uid; |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
284 time_t now, activation, expiration; |
| 285 gboolean ret; |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
286 |
| 287 g_return_val_if_fail(chain, FALSE); |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
288 |
27671
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27669
diff
changeset
|
289 if (failing) |
| 290 *failing = NULL; |
| 291 |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
292 uid = purple_certificate_get_unique_id((PurpleCertificate *) chain->data); |
| 293 purple_debug_info("certificate", |
| 294 "Checking signature chain for uid=%s\n", |
| 295 uid); |
| 296 g_free(uid); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
297 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
298 /* If this is a single-certificate chain, say that it is valid */ |
| 299 if (chain->next == NULL) { |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
300 purple_debug_info("certificate", |
| 301 "...Singleton. We'll say it's valid.\n"); |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
302 return TRUE; |
| 303 } |
| 304 |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
305 now = time(NULL); |
| 306 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
307 /* Load crt with the first certificate */ |
| 308 crt = (PurpleCertificate *)(chain->data); |
| 309 /* And start with the second certificate in the chain */ |
| 310 for ( cur = chain->next; cur; cur = cur->next ) { |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
311 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
312 issuer = (PurpleCertificate *)(cur->data); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
313 |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
314 uid = purple_certificate_get_unique_id(issuer); |
| 315 |
| 316 ret = purple_certificate_get_times(issuer, &activation, &expiration); |
31086
a8cc50c2279f
Remove trailing whitespace
Richard Laager <rlaager@wiktel.com>
parents:
30960
diff
changeset
|
317 if (!ret || now < activation || now > expiration) { |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
318 if (!ret) |
| 319 purple_debug_error("certificate", |
| 320 "...Failed to get validity times for certificate %s\n" |
| 321 "Chain is INVALID\n", uid); |
| 322 else if (now > expiration) |
| 323 purple_debug_error("certificate", |
| 324 "...Issuer %s expired at %s\nChain is INVALID\n", |
| 325 uid, ctime(&expiration)); |
| 326 else |
| 327 purple_debug_error("certificate", |
| 328 "...Not-yet-activated issuer %s will be valid at %s\n" |
| 329 "Chain is INVALID\n", uid, ctime(&activation)); |
| 330 |
27671
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27669
diff
changeset
|
331 if (failing) |
| 332 *failing = crt; |
| 333 |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
334 g_free(uid); |
| 335 return FALSE; |
| 336 } |
| 337 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
338 /* Check the signature for this link */ |
| 339 if (! purple_certificate_signed_by(crt, issuer) ) { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
340 purple_debug_error("certificate", |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
341 "...Bad or missing signature by %s\nChain is INVALID\n", |
| 342 uid); |
| 343 g_free(uid); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
344 |
27671
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27669
diff
changeset
|
345 if (failing) |
| 346 *failing = crt; |
| 347 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
348 return FALSE; |
| 349 } |
| 350 |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
351 purple_debug_info("certificate", |
| 352 "...Good signature by %s\n", |
| 353 uid); |
| 354 g_free(uid); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
355 |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
356 /* The issuer is now the next crt whose signature is to be |
| 357 checked */ |
| 358 crt = issuer; |
| 359 } |
| 360 |
| 361 /* If control reaches this point, the chain is valid */ |
19081
bdd8911d5031
- Add debugging babble to check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19080
diff
changeset
|
362 purple_debug_info("certificate", "Chain is VALID\n"); |
19077
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
363 return TRUE; |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
364 } |
8275c3cbc9da
- Add purple_certificate_check_signature_chain
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19076
diff
changeset
|
365 |
rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
27671 | 99baf778e0b9 | 27669 | 366-371 | Paul Aurich <paul@darkrain42.org> | Fix GnuTLS validation of the CACert Chain. Closes #4458. |

```c
gboolean
purple_certificate_check_signature_chain(GList *chain)
{
	return purple_certificate_check_signature_chain_with_failing(chain, NULL);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
18988 | 4189fc3befba | 18987 | 372, 374-381 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_import |
18989 | 43d1ee6a3ed5 | 18988 | 373 | William Ehlhardt <williamehlhardt@gmail.com> | - Fixed naming issues in previous revision |

```c
PurpleCertificate *
purple_certificate_import(PurpleCertificateScheme *scheme, const gchar *filename)
{
	g_return_val_if_fail(scheme, NULL);
	g_return_val_if_fail(scheme->import_certificate, NULL);
	g_return_val_if_fail(filename, NULL);

	return (scheme->import_certificate)(filename);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
29647 | c35fd54ec64b | 29062 | 382-391 | Stu Tomlinson <stu@nosnilmot.com> | Implement reading multiple certificates from a single "bundle" of |

```c
GSList *
purple_certificates_import(PurpleCertificateScheme *scheme, const gchar *filename)
{
	g_return_val_if_fail(scheme, NULL);
	g_return_val_if_fail(scheme->import_certificates, NULL);
	g_return_val_if_fail(filename, NULL);

	return (scheme->import_certificates)(filename);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
18977 | 31bdbb82de7e | 18976 | 392-406 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_export and associated libpurple stuff |

```c
gboolean
purple_certificate_export(const gchar *filename, PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(filename, FALSE);
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);

	scheme = crt->scheme;
	g_return_val_if_fail(scheme->export_certificate, FALSE);

	return (scheme->export_certificate)(filename, crt);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
27669 | 4c5f35f2b1ff | 27664 | 407-415 | Paul Aurich <paul@darkrain42.org> | A better solution for verifying certificate chains with NSS 3.12.3. |
31086 | a8cc50c2279f | 30960 | 416 | Richard Laager <rlaager@wiktel.com> | Remove trailing whitespace |

```c
static gboolean
byte_arrays_equal(const GByteArray *array1, const GByteArray *array2)
{
	g_return_val_if_fail(array1 != NULL, FALSE);
	g_return_val_if_fail(array2 != NULL, FALSE);

	return (array1->len == array2->len) &&
		(0 == memcmp(array1->data, array2->data, array1->len));
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
18953 | 89b32569890c | 18952 | 417-426, 428-434 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_get_fingerprint_sha1 |
25924 | 584063555949 | 25894 | 427 | Mark Doliner <mark@kingant.net> | Remove trailing whitespace |

```c
GByteArray *
purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;
	GByteArray *fpr;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);

	scheme = crt->scheme;

	g_return_val_if_fail(scheme->get_fingerprint_sha1, NULL);

	fpr = (scheme->get_fingerprint_sha1)(crt);

	return fpr;
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
18962 | fcd05c39803e | 18960 | 435 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_get_subject_name and associated libpurple |
19080 | 3bdede51c007 | 19078 | 436-444 | William Ehlhardt <williamehlhardt@gmail.com> | - Expose get_unique_id and get_issuer_unique_id through libpurple functions |

```c
gchar *
purple_certificate_get_unique_id(PurpleCertificate *crt)
{
	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);
	g_return_val_if_fail(crt->scheme->get_unique_id, NULL);

	return (crt->scheme->get_unique_id)(crt);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
19080 | 3bdede51c007 | 19078 | 445-454 | William Ehlhardt <williamehlhardt@gmail.com> | - Expose get_unique_id and get_issuer_unique_id through libpurple functions |

```c
gchar *
purple_certificate_get_issuer_unique_id(PurpleCertificate *crt)
{
	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);
	g_return_val_if_fail(crt->scheme->get_issuer_unique_id, NULL);

	return (crt->scheme->get_issuer_unique_id)(crt);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
19080 | 3bdede51c007 | 19078 | 455 | William Ehlhardt <williamehlhardt@gmail.com> | - Expose get_unique_id and get_issuer_unique_id through libpurple functions |
18962 | fcd05c39803e | 18960 | 456-472 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_get_subject_name and associated libpurple |

```c
gchar *
purple_certificate_get_subject_name(PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;
	gchar *subject_name;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);

	scheme = crt->scheme;

	g_return_val_if_fail(scheme->get_subject_name, NULL);

	subject_name = (scheme->get_subject_name)(crt);

	return subject_name;
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
19008 | 7fd9bd55f8d0 | 19001 | 473-488 | William Ehlhardt <williamehlhardt@gmail.com> | - Add certificate_check_subject_name and associated machinery |

```c
gboolean
purple_certificate_check_subject_name(PurpleCertificate *crt, const gchar *name)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);
	g_return_val_if_fail(name, FALSE);

	scheme = crt->scheme;

	g_return_val_if_fail(scheme->check_subject_name, FALSE);

	return (scheme->check_subject_name)(crt, name);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
19012 | b1090cbfc286 | 19010 | 489-496, 498-503, 506-507 | William Ehlhardt <williamehlhardt@gmail.com> | - Add expiration/activation functions for Certificates |
25924 | 584063555949 | 25894 | 497 | Mark Doliner <mark@kingant.net> | Remove trailing whitespace |
19067 | 6c0aad79c4c5 | 19063 | 504-505 | William Ehlhardt <williamehlhardt@gmail.com> | - Change the internal structure of activation/expiration times to match |

```c
gboolean
purple_certificate_get_times(PurpleCertificate *crt, time_t *activation, time_t *expiration)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, FALSE);

	scheme = crt->scheme;

	g_return_val_if_fail(scheme, FALSE);

	/* If both provided references are NULL, what are you doing calling
	   this? */
	g_return_val_if_fail( (activation != NULL) || (expiration != NULL), FALSE);

	/* Throw the request on down to the certscheme */
	return (scheme->get_times)(crt, activation, expiration);
}
```

rev | changeset | parent | lines | author | summary |
---|---|---|---|---|---|
18984 | 2b4150624cf2 | 18982 | 508-510, 514-517, 523, 528, 534-535 | William Ehlhardt <williamehlhardt@gmail.com> | - Add purple_certificate_pool_mkpath helper function |
19010 | 0d4b84820390 | 19009 | 511-512, 518, 525-527, 530-533 | William Ehlhardt <williamehlhardt@gmail.com> | - Fix overzealous escaping cause by ancestor revision |
25924 | 584063555949 | 25894 | 513, 522 | Mark Doliner <mark@kingant.net> | Remove trailing whitespace |
19033 | 6b4e874e47c1 | 19027 | 519-521 | William Ehlhardt <williamehlhardt@gmail.com> | - Handle NULLs given to certificate_pool_mkpath without causing errors |
18986 | dfd9f883b774 | 18985 | 524 | William Ehlhardt <williamehlhardt@gmail.com> | - Correct the certstore folder paths |
19009 | b64aa0222a7a | 19008 | 529 | William Ehlhardt <williamehlhardt@gmail.com> | - pool_mkpath now runs purple_escape_filename on its return value |

```c
gchar *
purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id)
{
	gchar *path;
	gchar *esc_scheme_name, *esc_name, *esc_id;

	g_return_val_if_fail(pool, NULL);
	g_return_val_if_fail(pool->scheme_name, NULL);
	g_return_val_if_fail(pool->name, NULL);

	/* Escape all the elements for filesystem-friendliness */
	esc_scheme_name = pool ? g_strdup(purple_escape_filename(pool->scheme_name)) : NULL;
	esc_name = pool ? g_strdup(purple_escape_filename(pool->name)) : NULL;
	esc_id = id ? g_strdup(purple_escape_filename(id)) : NULL;

	path = g_build_filename(purple_user_dir(),
				"certificates", /* TODO: constantize this? */
				esc_scheme_name,
				esc_name,
				esc_id,
				NULL);

	g_free(esc_scheme_name);
	g_free(esc_name);
	g_free(esc_id);
	return path;
}
```

18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
536 gboolean |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
537 purple_certificate_pool_usable(PurpleCertificatePool *pool) |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
538 { |
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
539 g_return_val_if_fail(pool, FALSE); |
540 g_return_val_if_fail(pool->scheme_name, FALSE); |
541 |
542 /* Check that the pool's scheme is loaded */ |
543 if (purple_certificate_find_scheme(pool->scheme_name) == NULL) { |
544 return FALSE; |
545 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
546 |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
547 return TRUE; |
548 } |
549 |
19060
c79b54f03f9d
- Add purple_certificate_pool_get_scheme helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19050
diff
changeset
|
550 PurpleCertificateScheme * |
551 purple_certificate_pool_get_scheme(PurpleCertificatePool *pool) |
552 { |
553 g_return_val_if_fail(pool, NULL); |
554 g_return_val_if_fail(pool->scheme_name, NULL); |
555 |
556 return purple_certificate_find_scheme(pool->scheme_name); |
557 } |
558 |
19034
8b627694bf4a
- Add purple_certificate_pool_usable to check whether a pool's
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19033
diff
changeset
|
559 gboolean |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
560 purple_certificate_pool_contains(PurpleCertificatePool *pool, const gchar *id) |
561 { |
562 g_return_val_if_fail(pool, FALSE); |
563 g_return_val_if_fail(id, FALSE); |
564 g_return_val_if_fail(pool->cert_in_pool, FALSE); |
565 |
566 return (pool->cert_in_pool)(id); |
567 } |
568 |
569 PurpleCertificate * |
570 purple_certificate_pool_retrieve(PurpleCertificatePool *pool, const gchar *id) |
571 { |
572 g_return_val_if_fail(pool, NULL); |
573 g_return_val_if_fail(id, NULL); |
574 g_return_val_if_fail(pool->get_cert, NULL); |
575 |
576 return (pool->get_cert)(id); |
577 } |
578 |
579 gboolean |
580 purple_certificate_pool_store(PurpleCertificatePool *pool, const gchar *id, PurpleCertificate *crt) |
581 { |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
582 gboolean ret = FALSE; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
583 |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
584 g_return_val_if_fail(pool, FALSE); |
585 g_return_val_if_fail(id, FALSE); |
586 g_return_val_if_fail(pool->put_cert, FALSE); |
587 |
18996
24fc5ca67afc
- Do some weak checking to ensure that you don't attempt to store a
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18995
diff
changeset
|
588 /* Whether crt->scheme matches find_scheme(pool->scheme_name) is not |
589 relevant... I think... */ |
590 g_return_val_if_fail( |
591 g_ascii_strcasecmp(pool->scheme_name, crt->scheme->name) == 0, |
592 FALSE); |
18995
47b06daea9d1
- Add pool retrieve, contains, and store functions to certificate API
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18993
diff
changeset
|
593 |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
594 ret = (pool->put_cert)(id, crt); |
595 |
19050
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
596 /* Signal that the certificate was stored if success*/ |
597 if (ret) { |
598 purple_signal_emit(pool, "certificate-stored", |
599 pool, id); |
600 } |
19046
8599a27ad69c
- Emit certificate-stored signal in purple_certificate_pool_store
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19044
diff
changeset
|
601 |
602 return ret; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
603 } |
18984
2b4150624cf2
- Add purple_certificate_pool_mkpath helper function
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18982
diff
changeset
|
604 |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
605 gboolean |
606 purple_certificate_pool_delete(PurpleCertificatePool *pool, const gchar *id) |
607 { |
608 gboolean ret = FALSE; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
609 |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
610 g_return_val_if_fail(pool, FALSE); |
611 g_return_val_if_fail(id, FALSE); |
612 g_return_val_if_fail(pool->delete_cert, FALSE); |
613 |
614 ret = (pool->delete_cert)(id); |
615 |
19050
c563b8f84aa0
- Only emit certificate-stored and certificate-deleted if the operation
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19049
diff
changeset
|
616 /* Signal that the certificate was deleted if success */ |
617 if (ret) { |
618 purple_signal_emit(pool, "certificate-deleted", |
619 pool, id); |
620 } |
19049
8cbc110456ac
- Add purple_certificate_pool_delete
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19048
diff
changeset
|
621 |
622 return ret; |
623 } |
624 |
19026
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
625 GList * |
626 purple_certificate_pool_get_idlist(PurpleCertificatePool *pool) |
627 { |
628 g_return_val_if_fail(pool, NULL); |
629 g_return_val_if_fail(pool->get_idlist, NULL); |
630 |
631 return (pool->get_idlist)(); |
632 } |
633 |
634 void |
635 purple_certificate_pool_destroy_idlist(GList *idlist) |
636 { |
637 GList *l; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
638 |
19026
b3acaf46d9ad
- Add pool_get_idlist / pool_destroy_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19024
diff
changeset
|
639 /* Iterate through and free them strings */ |
640 for ( l = idlist; l; l = l->next ) { |
641 g_free(l->data); |
642 } |
643 |
644 g_list_free(idlist); |
645 } |
646 |
647 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
648 /****************************************************************************/ |
649 /* Builtin Verifiers, Pools, etc. */ |
650 /****************************************************************************/ |
651 |
652 static void |
653 x509_singleuse_verify_cb (PurpleCertificateVerificationRequest *vrq, gint id) |
654 { |
655 g_return_if_fail(vrq); |
656 |
657 purple_debug_info("certificate/x509_singleuse", |
658 "VRQ on cert from %s gave %d\n", |
659 vrq->subject_name, id); |
660 |
661 /* Signal what happened back to the caller */ |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
662 if (1 == id) { |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
663 /* Accepted! */ |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
664 purple_certificate_verify_complete(vrq, |
665 PURPLE_CERTIFICATE_VALID); |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
666 } else { |
667 /* Not accepted */ |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
668 purple_certificate_verify_complete(vrq, |
669 PURPLE_CERTIFICATE_INVALID); |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
670 |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
671 } |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
672 } |
673 |
674 static void |
675 x509_singleuse_start_verify (PurpleCertificateVerificationRequest *vrq) |
676 { |
677 gchar *sha_asc; |
678 GByteArray *sha_bin; |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
679 gchar *cn; |
680 const gchar *cn_match; |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
681 gchar *primary, *secondary; |
682 PurpleCertificate *crt = (PurpleCertificate *) vrq->cert_chain->data; |
683 |
684 /* Pull out the SHA1 checksum */ |
685 sha_bin = purple_certificate_get_fingerprint_sha1(crt); |
686 /* Now decode it for display */ |
687 sha_asc = purple_base16_encode_chunked(sha_bin->data, |
688 sha_bin->len); |
689 |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
690 /* Get the cert Common Name */ |
691 cn = purple_certificate_get_subject_name(crt); |
692 |
693 /* Determine whether the name matches */ |
19496
004c3e257bd0
- Even more TODO whacking
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19495
diff
changeset
|
694 if (purple_certificate_check_subject_name(crt, vrq->subject_name)) { |
20270
d94432a338ab
Translating the empty string is a bad idea.
Richard Laager <rlaager@wiktel.com>
parents:
20248
diff
changeset
|
695 cn_match = ""; |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
696 } else { |
697 cn_match = _("(DOES NOT MATCH)"); |
698 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
699 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
700 /* Make messages */ |
701 primary = g_strdup_printf(_("%s has presented the following certificate for just-this-once use:"), vrq->subject_name); |
18964
7b03727b10b4
- x509_singleuse uses the subject_name field...somewhat
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18962
diff
changeset
|
702 secondary = g_strdup_printf(_("Common name: %s %s\nFingerprint (SHA1): %s"), cn, cn_match, sha_asc); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
703 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
704 /* Make a semi-pretty display */ |
21099
51cf02dbdb0e
disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479'
Richard Laager <rlaager@wiktel.com>
parents:
21095
diff
changeset
|
705 purple_request_accept_cancel( |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
706 vrq->cb_data, /* TODO: Find what the handle ought to be */ |
707 _("Single-use Certificate Verification"), |
708 primary, |
709 secondary, |
22143
70fc60344317
A few more of those "default_action" fixes
Mark Doliner <mark@kingant.net>
parents:
22142
diff
changeset
|
710 0, /* Accept by default */ |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
711 NULL, /* No account */ |
712 NULL, /* No other user */ |
713 NULL, /* No associated conversation */ |
714 vrq, |
715 x509_singleuse_verify_cb, |
716 x509_singleuse_verify_cb ); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
717 |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
718 /* Cleanup */ |
29699
8474495b9dfc
A couple more leak fixes.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
29647
diff
changeset
|
719 g_free(cn); |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
720 g_free(primary); |
721 g_free(secondary); |
722 g_free(sha_asc); |
723 g_byte_array_free(sha_bin, TRUE); |
724 } |
725 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
726 static void |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
727 x509_singleuse_destroy_request (PurpleCertificateVerificationRequest *vrq) |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
728 { |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
729 /* I don't do anything! */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
730 } |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
731 |
22593
54e5371a6d5d
Make x509_singleuse static
Stu Tomlinson <stu@nosnilmot.com>
parents:
22486
diff
changeset
|
732 static PurpleCertificateVerifier x509_singleuse = { |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
733 "x509", /* Scheme name */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
734 "singleuse", /* Verifier name */ |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
735 x509_singleuse_start_verify, /* start_verification function */ |
19649
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
736 x509_singleuse_destroy_request, /* Request cleanup operation */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
737 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
738 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
739 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
740 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
741 NULL |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
742 }; |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
743 |
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
744 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
745 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
746 /***** X.509 Certificate Authority pool, keyed by Distinguished Name *****/ |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
747 /* This is implemented in what may be the most inefficient and bugprone way |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
748 possible; however, future optimizations should not be difficult. */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
749 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
750 static PurpleCertificatePool x509_ca; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
751 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
752 /** Holds a key-value pair for quickish certificate lookup */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
753 typedef struct { |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
754 gchar *dn; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
755 PurpleCertificate *crt; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
756 } x509_ca_element; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
757 |
19207
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
758 static void |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
759 x509_ca_element_free(x509_ca_element *el) |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
760 { |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
761 if (NULL == el) return; |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
762 |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
763 g_free(el->dn); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
764 purple_certificate_destroy(el->crt); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
765 g_free(el); |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
766 } |
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
767 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
768 /** System directory to probe for CA certificates */ |
19271
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
769 /* This is set in the lazy_init function */ |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
770 static GList *x509_ca_paths = NULL; |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
771 |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
772 /** A list of loaded CAs, populated from the above path whenever the lazy_init |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
773 happens. Contains pointers to x509_ca_elements */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
774 static GList *x509_ca_certs = NULL; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
775 |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
776 /** Used for lazy initialization purposes. */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
777 static gboolean x509_ca_initialized = FALSE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
778 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
779 /** Adds a certificate to the in-memory cache, doing nothing else */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
780 static gboolean |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
781 x509_ca_quiet_put_cert(PurpleCertificate *crt) |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
782 { |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
783 x509_ca_element *el; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
784 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
785 /* lazy_init calls this function, so calling lazy_init here is a |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
786 Bad Thing */ |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
787 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
788 g_return_val_if_fail(crt, FALSE); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
789 g_return_val_if_fail(crt->scheme, FALSE); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
790 /* Make sure that this is some kind of X.509 certificate */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
791 /* TODO: Perhaps just check crt->scheme->name instead? */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
792 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_ca.scheme_name), FALSE); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
793 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
794 el = g_new0(x509_ca_element, 1); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
795 el->dn = purple_certificate_get_unique_id(crt); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
796 el->crt = purple_certificate_copy(crt); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
797 x509_ca_certs = g_list_prepend(x509_ca_certs, el); |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
798 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
799 return TRUE; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
800 } |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
801 |
19271
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
802 /* Since the libpurple CertificatePools get registered before plugins are |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
803 loaded, an X.509 Scheme is generally not available when x509_ca_init is |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
804 called, but x509_ca requires X.509 operations in order to properly load. |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
805 |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
806 To solve this, I present the lazy_init function. It attempts to finish |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
807 initialization of the Pool, but it usually fails when it is called from |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
808 x509_ca_init. However, this is OK; initialization is then simply deferred |
c28e1afe691b
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19211
diff
changeset
|
809 until someone tries to use functions from the pool. */ |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
810 static gboolean |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
811 x509_ca_lazy_init(void) |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
812 { |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
813 PurpleCertificateScheme *x509; |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
814 GDir *certdir; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
815 const gchar *entry; |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
816 GPatternSpec *pempat, *crtpat; |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
817 GList *iter = NULL; |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
818 GSList *crts = NULL; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
819 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
820 if (x509_ca_initialized) return TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
821 |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
822 /* Check that X.509 is registered */ |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
823 x509 = purple_certificate_find_scheme(x509_ca.scheme_name); |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
824 if ( !x509 ) { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
825 purple_debug_warning("certificate/x509/ca", |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
826 "Lazy init failed because an X.509 Scheme " |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
827 "is not yet registered. Maybe it will be " |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
828 "better later.\n"); |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
829 return FALSE; |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
830 } |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
831 |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
832 /* Use a glob to only read .pem files */ |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
833 pempat = g_pattern_spec_new("*.pem"); |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
834 crtpat = g_pattern_spec_new("*.crt"); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
835 |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
836 /* Populate the certificates pool from the search path(s) */ |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
837 for (iter = x509_ca_paths; iter; iter = iter->next) { |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
838 certdir = g_dir_open(iter->data, 0, NULL); |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
839 if (!certdir) { |
22486
3225c99785b8
Fix a bunch of compiler warnings caused by my addition of G_GNUC_PRINTF()
Mark Doliner <mark@kingant.net>
parents:
22143
diff
changeset
|
840 purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
841 continue; |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
842 } |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
843 |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
844 while ( (entry = g_dir_read_name(certdir)) ) { |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
845 gchar *fullpath; |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
846 PurpleCertificate *crt; |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
847 |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
848 if (!g_pattern_match_string(pempat, entry) && !g_pattern_match_string(crtpat, entry)) { |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
849 continue; |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
850 } |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
851 |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
852 fullpath = g_build_filename(iter->data, entry, NULL); |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
853 |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
854 /* TODO: Respond to a failure in the following? */ |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
855 crts = purple_certificates_import(x509, fullpath); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
856 |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
857 while (crts && crts->data) { |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
858 crt = crts->data; |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
859 if (x509_ca_quiet_put_cert(crt)) { |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
860 gchar *name; |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
861 name = purple_certificate_get_subject_name(crt); |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
862 purple_debug_info("certificate/x509/ca", |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
863 "Loaded %s from %s\n", |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
864 name ? name : "(unknown)", fullpath); |
29699
8474495b9dfc
A couple more leak fixes.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
29647
diff
changeset
|
865 g_free(name); |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
866 } else { |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
867 purple_debug_error("certificate/x509/ca", |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
868 "Failed to load certificate from %s\n", |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
869 fullpath); |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
870 } |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
871 purple_certificate_destroy(crt); |
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
872 crts = g_slist_delete_link(crts, crts); |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
873 } |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
874 |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
875 g_free(fullpath); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
876 } |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
877 g_dir_close(certdir); |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
878 } |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
879 |
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
880 g_pattern_spec_free(pempat); |
29647
c35fd54ec64b
Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents:
29062
diff
changeset
|
881 g_pattern_spec_free(crtpat); |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
882 |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
883 purple_debug_info("certificate/x509/ca", |
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
884 "Lazy init completed.\n"); |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
885 x509_ca_initialized = TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
886 return TRUE; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
887 } |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
888 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
889 static gboolean |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
890 x509_ca_init(void) |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
891 { |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
892 /* Attempt to point at the appropriate system path */ |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
893 if (NULL == x509_ca_paths) { |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
894 #ifdef _WIN32 |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
895 x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR, |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
896 "ca-certs", NULL)); |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
897 #else |
23330
390384053186
Add a configure option, --with-ssl-certificates to allow packagers to
Richard Laager <rlaager@wiktel.com>
parents:
23036
diff
changeset
|
898 # ifdef SSL_CERTIFICATES_DIR |
23685
e72e03fb5ef1
Fix a crash on exit when using --with-system-ssl-certs
Mark Doliner <mark@kingant.net>
parents:
23330
diff
changeset
|
899 x509_ca_paths = g_list_append(NULL, g_strdup(SSL_CERTIFICATES_DIR)); |
23330
390384053186
Add a configure option, --with-ssl-certificates to allow packagers to
Richard Laager <rlaager@wiktel.com>
parents:
23036
diff
changeset
|
900 # endif |
24732
d9e3434d6416
unconditionally install some certificates and use them, References #6680.
Ka-Hing Cheung <khc@hxbc.us>
parents:
24270
diff
changeset
|
901 x509_ca_paths = g_list_append(x509_ca_paths, |
d9e3434d6416
unconditionally install some certificates and use them, References #6680.
Ka-Hing Cheung <khc@hxbc.us>
parents:
24270
diff
changeset
|
902 g_build_filename(DATADIR, "purple", "ca-certs", NULL)); |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
903 #endif |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
904 } |
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
905 |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
906 /* Attempt to initialize now, but if it doesn't work, that's OK; |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
907 it will get done later */ |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
908 if ( ! x509_ca_lazy_init()) { |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
909 purple_debug_info("certificate/x509/ca", |
19095
cd70e75f9a83
- x509_ca_lazy_init is more implemented
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19094
diff
changeset
|
910 "Init failed, probably because a " |
19094
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
911 "dependency is not yet registered. " |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
912 "It has been deferred to later.\n"); |
dd9f69ebaae8
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19093
diff
changeset
|
913 } |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
914 |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
915 return TRUE; |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
916 } |
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
917 |
918 static void |
919 x509_ca_uninit(void) |
920 { |
19202
c0949e081f43
- Write the uninit function for x509_ca
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19201
diff
changeset
|
921 GList *l; |
922 |
923 for (l = x509_ca_certs; l; l = l->next) { |
924 x509_ca_element *el = l->data; |
19207
8926e15873ca
- Add a helper function to destroy x509_ca_elements, and use it where
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19206
diff
changeset
|
925 x509_ca_element_free(el); |
19202
926 } |
927 g_list_free(x509_ca_certs); |
928 x509_ca_certs = NULL; |
929 x509_ca_initialized = FALSE; |
21647
930 g_list_foreach(x509_ca_paths, (GFunc)g_free, NULL); |
931 g_list_free(x509_ca_paths); |
932 x509_ca_paths = NULL; |
19093
933 } |
934 |
19203
6034b8db9dc1
- Add a function to search the x509_ca internal structures for an id
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19202
diff
changeset
|
935 /** Look up a ca_element by dn */ |
936 static x509_ca_element * |
19205 | 937 x509_ca_locate_cert(GList *lst, const gchar *dn) |
19203
938 { |
939 GList *cur; |
940 |
941 for (cur = lst; cur; cur = cur->next) { |
942 x509_ca_element *el = cur->data; |
25894
a6e3cb32cdd2
Patch from Paul Aurich to add purple_strequal to help readability and simplicity of code. Ie, don't need to negate the value of strcmp, since this does a strcmp and does the negation for us
Paul Aurich <paul@darkrain42.org>
parents:
24840
diff
changeset
|
943 if (purple_strequal(dn, el->dn)) { |
19203
944 return el; |
945 } |
946 } |
947 return NULL; |
948 } |
949 |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
950 static GSList * |
951 x509_ca_locate_certs(GList *lst, const gchar *dn) |
952 { |
953 GList *cur; |
954 GSList *crts = NULL; |
955 |
956 for (cur = lst; cur; cur = cur->next) { |
957 x509_ca_element *el = cur->data; |
958 if (purple_strequal(dn, el->dn)) { |
959 crts = g_slist_prepend(crts, el); |
960 } |
961 } |
962 return crts; |
963 } |
964 |
965 |
19093
966 static gboolean |
967 x509_ca_cert_in_pool(const gchar *id) |
968 { |
19094
969 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
970 g_return_val_if_fail(id, FALSE); |
971 |
19205 | 972 if (x509_ca_locate_cert(x509_ca_certs, id) != NULL) { |
19204
2847b6c84d6c
- Implement x509_ca cert_in_pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19203
diff
changeset
|
973 return TRUE; |
974 } else { |
975 return FALSE; |
976 } |
977 |
978 return FALSE; |
19093
979 } |
980 |
981 static PurpleCertificate * |
982 x509_ca_get_cert(const gchar *id) |
983 { |
984 PurpleCertificate *crt = NULL; |
19206
919395a01483
- Implement x509_ca_get_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19205
diff
changeset
|
985 x509_ca_element *el; |
19094
986 |
987 g_return_val_if_fail(x509_ca_lazy_init(), NULL); |
19093
988 g_return_val_if_fail(id, NULL); |
989 |
19206
990 /* Search the memory-cached pool */ |
991 el = x509_ca_locate_cert(x509_ca_certs, id); |
992 |
993 if (el != NULL) { |
994 /* Make a copy of the memcached one for the function caller |
995 to play with */ |
996 crt = purple_certificate_copy(el->crt); |
997 } else { |
998 crt = NULL; |
19093
999 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1000 |
19093
1001 return crt; |
1002 } |
1003 |
30960
1004 static GSList * |
1005 x509_ca_get_certs(const gchar *id) |
1006 { |
1007 GSList *crts = NULL, *els = NULL; |
1008 |
1009 g_return_val_if_fail(x509_ca_lazy_init(), NULL); |
1010 g_return_val_if_fail(id, NULL); |
1011 |
1012 /* Search the memory-cached pool */ |
1013 els = x509_ca_locate_certs(x509_ca_certs, id); |
1014 |
1015 if (els != NULL) { |
1016 GSList *cur; |
1017 /* Make a copy of the memcached ones for the function caller |
1018 to play with */ |
1019 for (cur = els; cur; cur = cur->next) { |
1020 x509_ca_element *el = cur->data; |
1021 crts = g_slist_prepend(crts, purple_certificate_copy(el->crt)); |
1022 } |
1023 g_slist_free(els); |
1024 } |
1025 |
1026 return crts; |
1027 } |
1028 |
19093
1029 static gboolean |
1030 x509_ca_put_cert(const gchar *id, PurpleCertificate *crt) |
1031 { |
1032 gboolean ret = FALSE; |
25924
1033 |
19094
1034 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
1035 |
19096
81163e153778
- Add a hacked-up method of adding certs to the CA pool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19095
diff
changeset
|
1036 /* TODO: This is a quick way of doing this. At some point the change |
1037 ought to be flushed to disk somehow. */ |
19201
73d8dd2169c4
In x509_ca pool:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19096
diff
changeset
|
1038 ret = x509_ca_quiet_put_cert(crt); |
19096
1039 |
19093
1040 return ret; |
1041 } |
1042 |
1043 static gboolean |
1044 x509_ca_delete_cert(const gchar *id) |
1045 { |
19208
7b81934f4c85
- Implement x509_ca_delete_cert
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19207
diff
changeset
|
1046 x509_ca_element *el; |
25924
1047 |
19094
1048 g_return_val_if_fail(x509_ca_lazy_init(), FALSE); |
19093
1049 g_return_val_if_fail(id, FALSE); |
1050 |
1051 /* Is the id even in the pool? */ |
19208
1052 el = x509_ca_locate_cert(x509_ca_certs, id); |
1053 if ( el == NULL ) { |
19094
1054 purple_debug_warning("certificate/x509/ca", |
19093
1055 "Id %s wasn't in the pool\n", |
1056 id); |
1057 return FALSE; |
1058 } |
1059 |
19208
1060 /* Unlink it from the memory cache and destroy it */ |
1061 x509_ca_certs = g_list_remove(x509_ca_certs, el); |
1062 x509_ca_element_free(el); |
25924
1063 |
19208
1064 return TRUE; |
19093
1065 } |
1066 |
1067 static GList * |
1068 x509_ca_get_idlist(void) |
1069 { |
19209
a6ab0ea47d0f
- Implement x509_ca_get_idlist
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19208
diff
changeset
|
1070 GList *l, *idlist; |
25924
1071 |
19094
1072 g_return_val_if_fail(x509_ca_lazy_init(), NULL); |
19209
1073 |
1074 idlist = NULL; |
1075 for (l = x509_ca_certs; l; l = l->next) { |
1076 x509_ca_element *el = l->data; |
1077 idlist = g_list_prepend(idlist, g_strdup(el->dn)); |
1078 } |
25924
1079 |
19209
1080 return idlist; |
19093
1081 } |
1082 |
1083 |
1084 static PurpleCertificatePool x509_ca = { |
1085 "x509", /* Scheme name */ |
1086 "ca", /* Pool name */ |
1087 N_("Certificate Authorities"),/* User-friendly name */ |
1088 NULL, /* Internal data */ |
1089 x509_ca_init, /* init */ |
1090 x509_ca_uninit, /* uninit */ |
1091 x509_ca_cert_in_pool, /* Certificate exists? */ |
1092 x509_ca_get_cert, /* Cert retriever */ |
1093 x509_ca_put_cert, /* Cert writer */ |
1094 x509_ca_delete_cert, /* Cert remover */ |
19649
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1095 x509_ca_get_idlist, /* idlist retriever */ |
1096 |
1097 NULL, |
1098 NULL, |
1099 NULL, |
1100 NULL |
1101 |
19093
1102 }; |
1103 |
1104 |
1105 |
1106 /***** Cache of certificates given by TLS/SSL peers *****/ |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1107 static PurpleCertificatePool x509_tls_peers; |
172b8d1dc2be | 1108 |
172b8d1dc2be | 1109 static gboolean |
172b8d1dc2be | 1110 x509_tls_peers_init(void) |
172b8d1dc2be | 1111 { |
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 | 1112 gchar *poolpath; |
806c610ac5a0 | 1113 int ret; |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1114 |
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 | 1115 /* Set up key cache here if it isn't already done */ |
806c610ac5a0 | 1116 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL); |
806c610ac5a0 | 1117 ret = purple_build_dir(poolpath, 0700); /* Make it this user only */ |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1118 |
27536 18a96fe78870 Don't fail an assertion and don't return FALSE if we can't create Mark Doliner <mark@kingant.net> parents: 27231 | 1119 if (ret != 0) |
18a96fe78870 | 1120 purple_debug_info("certificate/tls_peers", |
18a96fe78870 | 1121 "Could not create %s. Certificates will not be cached.\n", |
18a96fe78870 | 1122 poolpath); |
18a96fe78870 | 1123 |
18985 806c610ac5a0 - Add init for x509_tls_peers pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18984 | 1124 g_free(poolpath); |
806c610ac5a0 | 1125 |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1126 return TRUE; |
172b8d1dc2be | 1127 } |
172b8d1dc2be | 1128 |
172b8d1dc2be | 1129 static gboolean |
172b8d1dc2be | 1130 x509_tls_peers_cert_in_pool(const gchar *id) |
172b8d1dc2be | 1131 { |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1132 gchar *keypath; |
a763dd083b79 | 1133 gboolean ret = FALSE; |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1134 |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1135 g_return_val_if_fail(id, FALSE); |
172b8d1dc2be | 1136 |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1137 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
a763dd083b79 | 1138 |
a763dd083b79 | 1139 ret = g_file_test(keypath, G_FILE_TEST_IS_REGULAR); |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1140 |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1141 g_free(keypath); |
a763dd083b79 | 1142 return ret; |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1143 } |
172b8d1dc2be | 1144 |
172b8d1dc2be | 1145 static PurpleCertificate * |
172b8d1dc2be | 1146 x509_tls_peers_get_cert(const gchar *id) |
172b8d1dc2be | 1147 { |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1148 PurpleCertificateScheme *x509; |
a763dd083b79 | 1149 PurpleCertificate *crt; |
a763dd083b79 | 1150 gchar *keypath; |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1151 |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1152 g_return_val_if_fail(id, NULL); |
172b8d1dc2be | 1153 |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1154 /* Is it in the pool? */ |
a763dd083b79 | 1155 if ( !x509_tls_peers_cert_in_pool(id) ) { |
a763dd083b79 | 1156 return NULL; |
a763dd083b79 | 1157 } |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1158 |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1159 /* Look up the X.509 scheme */ |
a763dd083b79 | 1160 x509 = purple_certificate_find_scheme("x509"); |
a763dd083b79 | 1161 g_return_val_if_fail(x509, NULL); |
a763dd083b79 | 1162 |
a763dd083b79 | 1163 /* Okay, now find and load that key */ |
a763dd083b79 | 1164 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 | 1165 crt = purple_certificate_import(x509, keypath); |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1166 |
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 | 1167 g_free(keypath); |
18987 a763dd083b79 - Finished tls_peers cert_in_pool William Ehlhardt <williamehlhardt@gmail.com> parents: 18986 | 1168 |
18990 3f2944bdb404 - Finish tls_peers get_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18989 | 1169 return crt; |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1170 } |
172b8d1dc2be | 1171 |
172b8d1dc2be | 1172 static gboolean |
18982 8948cd6bb8bc - CertificatePool put_cert now accepts an id argument William Ehlhardt <williamehlhardt@gmail.com> parents: 18977 | 1173 x509_tls_peers_put_cert(const gchar *id, PurpleCertificate *crt) |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1174 { |
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 | 1175 gboolean ret = FALSE; |
7a144f2229c6 | 1176 gchar *keypath; |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1177 |
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 | 1178 g_return_val_if_fail(crt, FALSE); |
7a144f2229c6 | 1179 g_return_val_if_fail(crt->scheme, FALSE); |
7a144f2229c6 | 1180 /* Make sure that this is some kind of X.509 certificate */ |
18992 605e69fa7108 - Comment change William Ehlhardt <williamehlhardt@gmail.com> parents: 18991 | 1181 /* TODO: Perhaps just check crt->scheme->name instead? */ |
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 | 1182 g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_tls_peers.scheme_name), FALSE); |
7a144f2229c6 | 1183 |
7a144f2229c6 | 1184 /* Work out the filename and export */ |
7a144f2229c6 | 1185 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
7a144f2229c6 | 1186 ret = purple_certificate_export(keypath, crt); |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1187 |
18991 7a144f2229c6 - Add tls_peers put_cert William Ehlhardt <williamehlhardt@gmail.com> parents: 18990 | 1188 g_free(keypath); |
7a144f2229c6 | 1189 return ret; |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1190 } |
172b8d1dc2be | 1191 |
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 | 1192 static gboolean |
19048 fd0b4b2f6cf0 - remove_cert => delete_cert, because naming conventions are our William Ehlhardt <williamehlhardt@gmail.com> parents: 19047 | 1193 x509_tls_peers_delete_cert(const gchar *id) |
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 | 1194 { |
3af5d9ed9ad3 | 1195 gboolean ret = FALSE; |
3af5d9ed9ad3 | 1196 gchar *keypath; |
3af5d9ed9ad3 | 1197 |
3af5d9ed9ad3 | 1198 g_return_val_if_fail(id, FALSE); |
3af5d9ed9ad3 | 1199 |
3af5d9ed9ad3 | 1200 /* Is the id even in the pool? */ |
3af5d9ed9ad3 | 1201 if (!x509_tls_peers_cert_in_pool(id)) { |
3af5d9ed9ad3 | 1202 purple_debug_warning("certificate/tls_peers", |
3af5d9ed9ad3 | 1203 "Id %s wasn't in the pool\n", |
3af5d9ed9ad3 | 1204 id); |
3af5d9ed9ad3 | 1205 return FALSE; |
3af5d9ed9ad3 | 1206 } |
3af5d9ed9ad3 | 1207 |
3af5d9ed9ad3 | 1208 /* OK, so work out the keypath and delete the thing */ |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1209 keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id); |
19047 3af5d9ed9ad3 - Write remove_cert function for tls_peers Pool William Ehlhardt <williamehlhardt@gmail.com> parents: 19046 | 1210 if ( unlink(keypath) != 0 ) { |
3af5d9ed9ad3 | 1211 purple_debug_error("certificate/tls_peers", |
3af5d9ed9ad3 | 1212 "Unlink of %s failed!\n", |
3af5d9ed9ad3 | 1213 keypath); |
3af5d9ed9ad3 | 1214 ret = FALSE; |
3af5d9ed9ad3 | 1215 } else { |
3af5d9ed9ad3 | 1216 ret = TRUE; |
3af5d9ed9ad3 | 1217 } |
3af5d9ed9ad3 | 1218 |
3af5d9ed9ad3 | 1219 g_free(keypath); |
3af5d9ed9ad3 | 1220 return ret; |
3af5d9ed9ad3 | 1221 } |
3af5d9ed9ad3 | 1222 |
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 | 1223 static GList * |
15d9031e03b2 | 1224 x509_tls_peers_get_idlist(void) |
15d9031e03b2 | 1225 { |
15d9031e03b2 | 1226 GList *idlist = NULL; |
15d9031e03b2 | 1227 GDir *dir; |
15d9031e03b2 | 1228 const gchar *entry; |
15d9031e03b2 | 1229 gchar *poolpath; |
15d9031e03b2 | 1230 |
15d9031e03b2 | 1231 /* Get a handle on the pool directory */ |
15d9031e03b2 | 1232 poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL); |
15d9031e03b2 | 1233 dir = g_dir_open(poolpath, |
15d9031e03b2 | 1234 0, /* No flags */ |
15d9031e03b2 | 1235 NULL); /* Not interested in what the error is */ |
15d9031e03b2 | 1236 g_free(poolpath); |
15d9031e03b2 | 1237 |
15d9031e03b2 | 1238 g_return_val_if_fail(dir, NULL); |
15d9031e03b2 | 1239 |
15d9031e03b2 | 1240 /* Traverse the directory listing and create an idlist */ |
15d9031e03b2 | 1241 while ( (entry = g_dir_read_name(dir)) != NULL ) { |
19078 3987f76c0e4b - tls_peers pool unescapes filenames in its directory, as it should William Ehlhardt <williamehlhardt@gmail.com> parents: 19077 | 1242 /* Unescape the filename */ |
3987f76c0e4b | 1243 const char *unescaped = purple_unescape_filename(entry); |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1244 |
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 | 1245 /* Copy the entry name into our list (GLib owns the original |
15d9031e03b2 | 1246 string) */ |
19078 3987f76c0e4b - tls_peers pool unescapes filenames in its directory, as it should William Ehlhardt <williamehlhardt@gmail.com> parents: 19077 | 1247 idlist = g_list_prepend(idlist, g_strdup(unescaped)); |
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 | 1248 } |
15d9031e03b2 | 1249 |
15d9031e03b2 | 1250 /* Release the directory */ |
15d9031e03b2 | 1251 g_dir_close(dir); |
25924 584063555949 Remove trailing whitespace Mark Doliner <mark@kingant.net> parents: 25894 | 1252 |
19027 15d9031e03b2 - Add get_idlist support to tls_peers CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19026 | 1253 return idlist; |
15d9031e03b2 | 1254 } |
15d9031e03b2 | 1255 |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1256 static PurpleCertificatePool x509_tls_peers = { |
172b8d1dc2be | 1257 "x509", /* Scheme name */ |
172b8d1dc2be | 1258 "tls_peers", /* Pool name */ |
172b8d1dc2be | 1259 N_("SSL Peers Cache"), /* User-friendly name */ |
172b8d1dc2be | 1260 NULL, /* Internal data */ |
172b8d1dc2be | 1261 x509_tls_peers_init, /* init */ |
172b8d1dc2be | 1262 NULL, /* uninit not required */ |
172b8d1dc2be | 1263 x509_tls_peers_cert_in_pool, /* Certificate exists? */ |
172b8d1dc2be | 1264 x509_tls_peers_get_cert, /* Cert retriever */ |
19026 b3acaf46d9ad - Add pool_get_idlist / pool_destroy_idlist William Ehlhardt <williamehlhardt@gmail.com> parents: 19024 | 1265 x509_tls_peers_put_cert, /* Cert writer */ |
19049 8cbc110456ac - Add purple_certificate_pool_delete William Ehlhardt <williamehlhardt@gmail.com> parents: 19048 | 1266 x509_tls_peers_delete_cert, /* Cert remover */ |
19649 450f4a3c4c0f - Add purple_reserved fields to various structures. William Ehlhardt <williamehlhardt@gmail.com> parents: 19564 | 1267 x509_tls_peers_get_idlist, /* idlist retriever */ |
450f4a3c4c0f | 1268 |
450f4a3c4c0f | 1269 NULL, |
450f4a3c4c0f | 1270 NULL, |
450f4a3c4c0f | 1271 NULL, |
450f4a3c4c0f | 1272 NULL |
18975 172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons William Ehlhardt <williamehlhardt@gmail.com> parents: 18973 | 1273 }; |
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 | 1274 |
33fb4930ad2b | 1275 |
19093 f96b53df8d17 - Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool William Ehlhardt <williamehlhardt@gmail.com> parents: 19092 | 1276 /***** A Verifier that uses the tls_peers cache and the CA pool to validate certificates *****/ |
18993 33fb4930ad2b - Add x509_tls_cached skeleton William Ehlhardt <williamehlhardt@gmail.com> parents: 18992 | 1277 static PurpleCertificateVerifier x509_tls_cached; |
33fb4930ad2b | 1278 |
19330 b65a23799dc2 In tls_cached: William Ehlhardt <williamehlhardt@gmail.com> parents: 19329 | 1279 |
b65a23799dc2 | 1280 /* The following is several hacks piled together and needs to be fixed. |
b65a23799dc2 | 1281 * It exists because show_cert (see its comments) needs the original reason |
b65a23799dc2 | 1282 * given to user_auth in order to rebuild the dialog. |
b65a23799dc2 | 1283 */ |
b65a23799dc2 | 1284 /* TODO: This will cause a ua_ctx to become memleaked if the request(s) get |
b65a23799dc2 | 1285 closed by handle or otherwise abnormally. */ |
b65a23799dc2 | 1286 typedef struct { |
b65a23799dc2 | 1287 PurpleCertificateVerificationRequest *vrq; |
b65a23799dc2 | 1288 gchar *reason; |
b65a23799dc2 | 1289 } x509_tls_cached_ua_ctx; |
b65a23799dc2 | 1290 |
b65a23799dc2 | 1291 static x509_tls_cached_ua_ctx * |
b65a23799dc2 | 1292 x509_tls_cached_ua_ctx_new(PurpleCertificateVerificationRequest *vrq, |
b65a23799dc2 | 1293 const gchar *reason) |
b65a23799dc2 | 1294 { |
b65a23799dc2 | 1295 x509_tls_cached_ua_ctx *c; |
b65a23799dc2 | 1296 |
b65a23799dc2 | 1297 c = g_new0(x509_tls_cached_ua_ctx, 1); |
b65a23799dc2 | 1298 c->vrq = vrq; |
b65a23799dc2 | 1299 c->reason = g_strdup(reason); |
b65a23799dc2 | 1300 |
b65a23799dc2 | 1301 return c; |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1302 } |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1303 |
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1304 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1305 static void |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1306 x509_tls_cached_ua_ctx_free(x509_tls_cached_ua_ctx *c) |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1307 { |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1308 g_return_if_fail(c); |
1309 g_free(c->reason); |
1310 g_free(c); |
1311 } |
1312 |
1313 static void |
1314 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq, |
1315 const gchar *reason); |
1316 |
1317 static void |
1318 x509_tls_cached_show_cert(x509_tls_cached_ua_ctx *c, gint id) |
1319 { |
1320 PurpleCertificate *disp_crt = c->vrq->cert_chain->data; |
1321 |
1322 /* Since clicking a button closes the request, show it again */ |
1323 x509_tls_cached_user_auth(c->vrq, c->reason); |
1324 |
19564
4a1812e1ec35
When you have a certificate dialog and you click on "View Certificate",
Mark Doliner <mark@kingant.net>
parents:
19553
diff
changeset
|
1325 /* Show the certificate AFTER re-opening the dialog so that this |
1326 appears above the other */ |
1327 purple_certificate_display_x509(disp_crt); |
1328 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1329 x509_tls_cached_ua_ctx_free(c); |
1330 } |
1331 |
1332 static void |
1333 x509_tls_cached_user_auth_cb (x509_tls_cached_ua_ctx *c, gint id) |
1334 { |
1335 PurpleCertificateVerificationRequest *vrq; |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1336 PurpleCertificatePool *tls_peers; |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1337 |
1338 g_return_if_fail(c); |
1339 g_return_if_fail(c->vrq); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1340 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1341 vrq = c->vrq; |
1342 |
1343 x509_tls_cached_ua_ctx_free(c); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1344 |
1345 tls_peers = purple_certificate_find_pool("x509","tls_peers"); |
1346 |
19331
920984752314
- Fix the interpretation of the "accept cert? yes/no" choice id given by
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19330
diff
changeset
|
1347 if (2 == id) { |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1348 gchar *cache_id = vrq->subject_name; |
1349 purple_debug_info("certificate/x509/tls_cached", |
1350 "User ACCEPTED cert\nCaching first in chain for future use as %s...\n", |
1351 cache_id); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1352 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1353 purple_certificate_pool_store(tls_peers, cache_id, |
1354 vrq->cert_chain->data); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1355 |
1356 purple_certificate_verify_complete(vrq, |
1357 PURPLE_CERTIFICATE_VALID); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1358 } else { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
1359 purple_debug_warning("certificate/x509/tls_cached", |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1360 "User REJECTED cert\n"); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1361 purple_certificate_verify_complete(vrq, |
1362 PURPLE_CERTIFICATE_INVALID); |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1363 } |
1364 } |
1365 |
19515
b62683f4120d
There's some disagreement over the response-id sent to the callbacks to
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
19504
diff
changeset
|
1366 static void |
1367 x509_tls_cached_user_auth_accept_cb(x509_tls_cached_ua_ctx *c, gint ignore) |
1368 { |
1369 x509_tls_cached_user_auth_cb(c, 2); |
1370 } |
1371 |
1372 static void |
1373 x509_tls_cached_user_auth_reject_cb(x509_tls_cached_ua_ctx *c, gint ignore) |
1374 { |
1375 x509_tls_cached_user_auth_cb(c, 1); |
1376 } |
1377 |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1378 /** Validates a certificate by asking the user |
1379 * @param reason String to explain why the user needs to accept/refuse the |
1380 * certificate. |
1381 * @todo Needs a handle argument |
1382 */ |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1383 static void |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1384 x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq, |
1385 const gchar *reason) |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1386 { |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1387 gchar *primary; |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1388 |
1389 /* Make messages */ |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1390 primary = g_strdup_printf(_("Accept certificate for %s?"), |
1391 vrq->subject_name); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1392 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1393 /* Make a semi-pretty display */ |
21099
51cf02dbdb0e
disapproval of revision 'c484d979c4fda4433a9633ff8b69bd8a395c9479'
Richard Laager <rlaager@wiktel.com>
parents:
21095
diff
changeset
|
1394 purple_request_action( |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1395 vrq->cb_data, /* TODO: Find what the handle ought to be */ |
1396 _("SSL Certificate Verification"), |
1397 primary, |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1398 reason, |
22142
1f3f2d2c9a2b
A few more "purple_request_action" default action corrections
Mark Doliner <mark@kingant.net>
parents:
21929
diff
changeset
|
1399 0, /* Accept by default */ |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1400 NULL, /* No account */ |
1401 NULL, /* No other user */ |
1402 NULL, /* No associated conversation */ |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1403 x509_tls_cached_ua_ctx_new(vrq, reason), |
1404 3, /* Number of actions */ |
19534
126c5235627b
- Change wording on certificate accept/reject dialog
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19517
diff
changeset
|
1405 _("Accept"), x509_tls_cached_user_auth_accept_cb, |
1406 _("Reject"), x509_tls_cached_user_auth_reject_cb, |
19330
b65a23799dc2
In tls_cached:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19329
diff
changeset
|
1407 _("_View Certificate..."), x509_tls_cached_show_cert); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1408 |
19001
b207701cb5a3
- Wrote the logic for the "previously unknown host" condition in
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19000
diff
changeset
|
1409 /* Cleanup */ |
1410 g_free(primary); |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1411 } |
1412 |
1413 static void |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1414 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq, |
1415 PurpleCertificateInvalidityFlags flags); |
21929
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1416 |
1417 static void |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1418 x509_tls_cached_complete(PurpleCertificateVerificationRequest *vrq, |
1419 PurpleCertificateInvalidityFlags flags) |
1420 { |
1421 PurpleCertificatePool *tls_peers; |
1422 PurpleCertificate *peer_crt = vrq->cert_chain->data; |
1423 |
1424 if (flags & PURPLE_CERTIFICATE_FATALS_MASK) { |
1425 /* TODO: Also print any other warnings? */ |
1426 const gchar *error; |
1427 gchar *tmp, *secondary; |
1428 |
1429 if (flags & PURPLE_CERTIFICATE_INVALID_CHAIN) |
1430 error = invalidity_reason_to_string(PURPLE_CERTIFICATE_INVALID_CHAIN); |
1431 else if (flags & PURPLE_CERTIFICATE_REVOKED) |
1432 error = invalidity_reason_to_string(PURPLE_CERTIFICATE_REVOKED); |
1433 else |
1434 error = invalidity_reason_to_string(PURPLE_CERTIFICATE_UNKNOWN_ERROR); |
1435 |
1436 tmp = g_strdup_printf(_("The certificate for %s could not be validated."), |
1437 vrq->subject_name); |
1438 secondary = g_strconcat(tmp, " ", error, NULL); |
1439 g_free(tmp); |
1440 |
1441 purple_notify_error(NULL, /* TODO: Probably wrong. */ |
1442 _("SSL Certificate Error"), |
1443 _("Unable to validate certificate"), |
1444 secondary); |
1445 g_free(secondary); |
1446 |
1447 purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_INVALID); |
1448 return; |
1449 } else if (flags & PURPLE_CERTIFICATE_NON_FATALS_MASK) { |
1450 /* Non-fatal error. Prompt the user. */ |
1451 gchar *tmp; |
1452 GString *errors; |
1453 guint32 i = 1; |
1454 |
1455 tmp = g_strdup_printf(_("The certificate for %s could not be validated."), |
1456 vrq->subject_name); |
1457 errors = g_string_new(tmp); |
1458 g_free(tmp); |
1459 |
1460 errors = g_string_append_c(errors, '\n'); |
1461 |
1462 /* Special case a name mismatch because we want to display the two names... */ |
1463 if (flags & PURPLE_CERTIFICATE_NAME_MISMATCH) { |
1464 gchar *sn = purple_certificate_get_subject_name(peer_crt); |
1465 |
28392
64fbf431d952
Print that specific message only when there is a CN; otherwise fall back
Paul Aurich <paul@darkrain42.org>
parents:
28391
diff
changeset
|
1466 if (sn) { |
1467 g_string_append_printf(errors, _("The certificate claims to be " |
1468 "from \"%s\" instead. This could mean that you are " |
1469 "not connecting to the service you believe you are."), |
1470 sn); |
1471 g_free(sn); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1472 |
28392
64fbf431d952
Print that specific message only when there is a CN; otherwise fall back
Paul Aurich <paul@darkrain42.org>
parents:
28391
diff
changeset
|
1473 flags &= ~PURPLE_CERTIFICATE_NAME_MISMATCH; |
1474 } |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1475 } |
1476 |
1477 while (i != PURPLE_CERTIFICATE_LAST) { |
1478 if (flags & i) { |
1479 errors = g_string_append_c(errors, '\n'); |
1480 g_string_append(errors, invalidity_reason_to_string(i)); |
1481 } |
1482 |
1483 i <<= 1; |
1484 } |
1485 |
1486 x509_tls_cached_user_auth(vrq, errors->str); |
1487 g_string_free(errors, TRUE); |
1488 return; |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1489 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1490 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1491 /* If we reach this point, the certificate is good. */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1492 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1493 /* Look up the local cache and store it there for future use */ |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1494 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1495 "tls_peers"); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1496 if (tls_peers) { |
28804
57ee55097ec8
certs: Cache certs once again (at the end of the verification process).
Paul Aurich <paul@darkrain42.org>
parents:
28647
diff
changeset
|
1497 if (!purple_certificate_pool_store(tls_peers,vrq->subject_name, |
57ee55097ec8
certs: Cache certs once again (at the end of the verification process).
Paul Aurich <paul@darkrain42.org>
parents:
28647
diff
changeset
|
1498 peer_crt)) { |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1499 purple_debug_error("certificate/x509/tls_cached", |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1500 "FAILED to cache peer certificate\n"); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1501 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1502 } else { |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1503 purple_debug_error("certificate/x509/tls_cached", |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1504 "Unable to locate tls_peers certificate cache.\n"); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1505 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1506 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1507 purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_VALID); |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1508 } |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1509 |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1510 static void |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1511 x509_tls_cached_cert_in_cache(PurpleCertificateVerificationRequest *vrq, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1512 PurpleCertificateInvalidityFlags flags) |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1513 { |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1514 /* TODO: Looking this up by name over and over is expensive. |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1515 Fix, please! */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1516 PurpleCertificatePool *tls_peers = |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1517 purple_certificate_find_pool(x509_tls_cached.scheme_name, |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1518 "tls_peers"); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1519 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1520 /* The peer's certificate should be the first in the list */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1521 PurpleCertificate *peer_crt = |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1522 (PurpleCertificate *) vrq->cert_chain->data; |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1523 |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1524 PurpleCertificate *cached_crt; |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1525 GByteArray *peer_fpr, *cached_fpr; |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1526 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1527 /* Load up the cached certificate */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1528 cached_crt = purple_certificate_pool_retrieve( |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1529 tls_peers, vrq->subject_name); |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1530 if ( !cached_crt ) { |
27567
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27536
diff
changeset
|
1531 purple_debug_warning("certificate/x509/tls_cached", |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1532 "Lookup failed on cached certificate!\n" |
27567
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27536
diff
changeset
|
1533 "Falling back to full verification.\n"); |
199cf148cdf8
Continue verification when we can't find a *cached* peer. Fixes #9664.
Paul Aurich <paul@darkrain42.org>
parents:
27536
diff
changeset
|
1534 /* vrq now becomes the problem of unknown_peer */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1535 x509_tls_cached_unknown_peer(vrq, flags); |
24840
7608cf033a88
Prevent a NULL ptr deref when unexpected stuff happens in the cert cache. Fixes #7776,#7769
Daniel Atallah <daniel.atallah@gmail.com>
parents:
24732
diff
changeset
|
1536 return; |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
1537 } |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1538 |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1539 /* Now get SHA1 sums for both and compare them */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1540 /* TODO: This is not an elegant way to compare certs */ |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1541 peer_fpr = purple_certificate_get_fingerprint_sha1(peer_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1542 cached_fpr = purple_certificate_get_fingerprint_sha1(cached_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1543 if (!memcmp(peer_fpr->data, cached_fpr->data, peer_fpr->len)) { |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1544 purple_debug_info("certificate/x509/tls_cached", |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1545 "Peer cert matched cached\n"); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1546 x509_tls_cached_complete(vrq, flags); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1547 } else { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
1548 purple_debug_error("certificate/x509/tls_cached", |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1549 "Peer cert did NOT match cached\n"); |
21929
cedbb3860134
If a peer certificate does not match our cached cert, do not auto reject it!
Stu Tomlinson <stu@nosnilmot.com>
parents:
21927
diff
changeset
|
1550 /* vrq now becomes the problem of the user */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1551 x509_tls_cached_unknown_peer(vrq, flags); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1552 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1553 |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1554 purple_certificate_destroy(cached_crt); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1555 g_byte_array_free(peer_fpr, TRUE); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1556 g_byte_array_free(cached_fpr, TRUE); |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1557 } |
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1558 |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1559 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1560 * This is called from two points in x509_tls_cached_unknown_peer below |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1561 * once we've verified the signature chain is valid. Now we need to verify |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1562 * the subject name of the certificate. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1563 */ |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1564 static void |
27763
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
27734
diff
changeset
|
1565 x509_tls_cached_check_subject_name(PurpleCertificateVerificationRequest *vrq, |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1566 PurpleCertificateInvalidityFlags flags) |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1567 { |
27671
99baf778e0b9
Fix GnuTLS validation of the CACert Chain. Closes #4458.
Paul Aurich <paul@darkrain42.org>
parents:
27669
diff
changeset
|
1568 PurpleCertificate *peer_crt; |
19089
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1569 GList *chain = vrq->cert_chain; |
c8962b52579e
- Wrote a tls_cached unknown_peer function that does many fun things,
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19088
diff
changeset
|
1570 |
19090
5310b1294287
- Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19089
diff
changeset
|
1571 peer_crt = (PurpleCertificate *) chain->data; |
5310b1294287
- Add HOSTNAME CHECKING to tls_cached unknown_peer mode, which is kind
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19089
diff
changeset
|
1572 |
21927
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1573 /* Last, check that the hostname matches */ |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1574 if ( ! purple_certificate_check_subject_name(peer_crt, |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1575 vrq->subject_name) ) { |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1576 gchar *sn = purple_certificate_get_subject_name(peer_crt); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1577 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1578 flags |= PURPLE_CERTIFICATE_NAME_MISMATCH; |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
1579 purple_debug_error("certificate/x509/tls_cached", |
21927
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1580 "Name mismatch: Certificate given for %s " |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1581 "has a name of %s\n", |
a464f202e6c4
Add the StartCom Free SSL Certificate Authority certificate (as used by
Stu Tomlinson <stu@nosnilmot.com>
parents:
21887
diff
changeset
|
1582 vrq->subject_name, sn); |
29699
8474495b9dfc
A couple more leak fixes.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
29647
diff
changeset
|
1583 g_free(sn); |
27763
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
27734
diff
changeset
|
1584 } |
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
27734
diff
changeset
|
1585 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1586 x509_tls_cached_complete(vrq, flags); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1587 } |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1588 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1589 /* For when we've never communicated with this party before */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1590 /* TODO: Need ways to specify possibly multiple problems with a cert, or at |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1591 least reprioritize them. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1592 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1593 static void |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1594 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq, |
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1595 PurpleCertificateInvalidityFlags flags) |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1596 { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1597 PurpleCertificatePool *ca; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1598 PurpleCertificate *peer_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1599 PurpleCertificate *ca_crt, *end_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1600 PurpleCertificate *failing_crt; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1601 GList *chain = vrq->cert_chain; |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1602 GSList *ca_crts, *cur; |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1603 GByteArray *last_fpr, *ca_fpr; |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1604 gboolean valid = FALSE; |
31172
e89df17f5ae7
certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents:
31171
diff
changeset
|
1605 gchar *ca_id, *ca2_id; |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1606 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1607 peer_crt = (PurpleCertificate *) chain->data; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1608 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1609 /* TODO: Figure out a way to check for a bad signature, as opposed to |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1610 "not self-signed" */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1611 if ( purple_certificate_signed_by(peer_crt, peer_crt) ) { |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1612 flags |= PURPLE_CERTIFICATE_SELF_SIGNED; |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1613 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1614 purple_debug_info("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1615 "Certificate for %s is self-signed.\n", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1616 vrq->subject_name); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1617 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1618 x509_tls_cached_check_subject_name(vrq, flags); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1619 return; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1620 } /* if (self signed) */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1621 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1622 ca = purple_certificate_find_pool(x509_tls_cached.scheme_name, "ca"); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1623 |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1624 /* Next, check that the certificate chain is valid */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1625 if (!purple_certificate_check_signature_chain_with_failing(chain, |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1626 &failing_crt)) |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1627 { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1628 gboolean chain_validated = FALSE; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1629 /* |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1630 * Check if the failing certificate is in the CA store. If it is, then |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1631 * consider this fully validated. This works around issues with some |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1632 * prominent intermediate CAs whose signature is md5WithRSAEncryption. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1633 * I'm looking at CACert Class 3 here. See #4458 for details. |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1634 */ |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1635 if (ca) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1636 gchar *uid = purple_certificate_get_unique_id(failing_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1637 PurpleCertificate *ca_crt = purple_certificate_pool_retrieve(ca, uid); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1638 if (ca_crt != NULL) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1639 GByteArray *failing_fpr; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1640 GByteArray *ca_fpr; |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1641 failing_fpr = purple_certificate_get_fingerprint_sha1(failing_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1642 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt); |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1643 if (byte_arrays_equal(failing_fpr, ca_fpr)) { |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1644 purple_debug_info("certificate/x509/tls_cached", |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1645 "Full chain verification failed (probably a bad " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1646 "signature algorithm), but found the last " |
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1647 "certificate %s in the CA pool.\n", uid); |
1648 chain_validated = TRUE; |
1649 } |
1650 |
1651 g_byte_array_free(failing_fpr, TRUE); |
1652 g_byte_array_free(ca_fpr, TRUE); |
1653 } |
1654 |
1655 purple_certificate_destroy(ca_crt); |
1656 g_free(uid); |
1657 } |
1658 |
1659 /* |
1660 * If we get here, either the cert matched the stuff right above |
1661 * or it didn't, in which case we give up and complain to the user. |
1662 */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1663 if (!chain_validated) |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1664 /* TODO: Tell the user where the chain broke? */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1665 flags |= PURPLE_CERTIFICATE_INVALID_CHAIN; |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1666 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1667 x509_tls_cached_check_subject_name(vrq, flags); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1668 return; |
1669 } /* if (signature chain not good) */ |
1670 |
31172
e89df17f5ae7
certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents:
31171
diff
changeset
|
1671 /* Next, attempt to verify the last certificate is signed by a trusted |
1672 * CA, or is a trusted CA (based on fingerprint). |
1673 */ |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1674 /* If, for whatever reason, there is no Certificate Authority pool |
27763
f834ffa7490b
cert: Validate subject name before prompting due to no CA pool.
Paul Aurich <paul@darkrain42.org>
parents:
27734
diff
changeset
|
1675 loaded, we'll verify the subject name and then warn about this. */ |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1676 if ( !ca ) { |
1677 purple_debug_error("certificate/x509/tls_cached", |
1678 "No X.509 Certificate Authority pool " |
1679 "could be found!\n"); |
1680 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1681 flags |= PURPLE_CERTIFICATE_NO_CA_POOL; |
1682 |
1683 x509_tls_cached_check_subject_name(vrq, flags); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1684 return; |
1685 } |
1686 |
1687 end_crt = g_list_last(chain)->data; |
1688 |
31172
e89df17f5ae7
certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents:
31171
diff
changeset
|
1689 /* Attempt to look up the last certificate, and the last certificate's |
1690 * issuer. |
1691 */ |
1692 ca_id = purple_certificate_get_issuer_unique_id(end_crt); |
1693 ca2_id = purple_certificate_get_unique_id(end_crt); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1694 purple_debug_info("certificate/x509/tls_cached", |
1695 "Checking for a CA with DN=%s\n", |
1696 ca_id); |
31172
e89df17f5ae7
certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents:
31171
diff
changeset
|
1697 purple_debug_info("certificate/x509/tls_cached", |
1698 "Also checking for a CA with DN=%s\n", |
1699 ca2_id); |
1700 ca_crts = g_slist_concat(x509_ca_get_certs(ca_id), x509_ca_get_certs(ca2_id)); |
1701 g_free(ca_id); |
1702 g_free(ca2_id); |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1703 if ( NULL == ca_crts ) { |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1704 flags |= PURPLE_CERTIFICATE_CA_UNKNOWN; |
1705 |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1706 purple_debug_warning("certificate/x509/tls_cached", |
31172
e89df17f5ae7
certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents:
31171
diff
changeset
|
1707 "No Certificate Authorities with either DN found " |
1708 "found. I'll prompt the user, I guess.\n"); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1709 |
1710 x509_tls_cached_check_subject_name(vrq, flags); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1711 return; |
1712 } |
1713 |
1714 /* |
1715 * Check the fingerprints; if they match, then this certificate *is* one |
1716 * of the designated "trusted roots", and we don't need to verify the |
1717 * signature. This is good because some of the older roots are self-signed |
1718 * with bad hash algorithms that we don't want to allow in any other |
1719 * circumstances (one of Verisign's root CAs is self-signed with MD2). |
1720 * |
1721 * If the fingerprints don't match, we'll fall back to checking the |
1722 * signature. |
1723 */ |
1724 last_fpr = purple_certificate_get_fingerprint_sha1(end_crt); |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1725 for (cur = ca_crts; cur; cur = cur->next) { |
1726 ca_crt = cur->data; |
1727 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1728 |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1729 if ( byte_arrays_equal(last_fpr, ca_fpr) || |
1730 purple_certificate_signed_by(end_crt, ca_crt) ) |
1731 { |
1732 /* TODO: If signed_by ever returns a reason, maybe mention |
1733 that, too. */ |
1734 /* TODO: Also mention the CA involved. While I could do this |
1735 now, a full DN is a little much with which to assault the |
1736 user's poor, leaky eyes. */ |
1737 valid = TRUE; |
1738 g_byte_array_free(ca_fpr, TRUE); |
1739 break; |
1740 } |
1741 |
1742 g_byte_array_free(ca_fpr, TRUE); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1743 } |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1744 |
30960
27c56e6b5fa6
Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents:
30573
diff
changeset
|
1745 if (valid == FALSE) |
1746 flags |= PURPLE_CERTIFICATE_INVALID_CHAIN; |
1747 |
1748 g_slist_foreach(ca_crts, (GFunc)purple_certificate_destroy, NULL); |
1749 g_slist_free(ca_crts); |
27734
d0654dea0575
certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents:
27671
diff
changeset
|
1750 g_byte_array_free(last_fpr, TRUE); |
1751 |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1752 x509_tls_cached_check_subject_name(vrq, flags); |
19085
1bd9557f866e
In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19084
diff
changeset
|
1753 } |
1754 |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1755 static void |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1756 x509_tls_cached_start_verify(PurpleCertificateVerificationRequest *vrq) |
1757 { |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1758 const gchar *tls_peers_name = "tls_peers"; /* Name of local cache */ |
1759 PurpleCertificatePool *tls_peers; |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
1760 time_t now, activation, expiration; |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1761 PurpleCertificateInvalidityFlags flags = PURPLE_CERTIFICATE_NO_PROBLEMS; |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
1762 gboolean ret; |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1763 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1764 g_return_if_fail(vrq); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1765 |
1766 purple_debug_info("certificate/x509/tls_cached", |
1767 "Starting verify for %s\n", |
1768 vrq->subject_name); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1769 |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
1770 /* |
1771 * Verify the first certificate (the main one) has been activated and |
1772 * isn't expired, i.e. activation < now < expiration. |
1773 */ |
1774 now = time(NULL); |
1775 ret = purple_certificate_get_times(vrq->cert_chain->data, &activation, |
1776 &expiration); |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1777 if (!ret) { |
1778 flags |= PURPLE_CERTIFICATE_EXPIRED | PURPLE_CERTIFICATE_NOT_ACTIVATED; |
1779 purple_debug_error("certificate/x509/tls_cached", |
1780 "Failed to get validity times for certificate %s\n", |
1781 vrq->subject_name); |
1782 } else if (now > expiration) { |
1783 flags |= PURPLE_CERTIFICATE_EXPIRED; |
1784 purple_debug_error("certificate/x509/tls_cached", |
1785 "Certificate %s expired at %s\n", |
1786 vrq->subject_name, ctime(&expiration)); |
1787 } else if (now < activation) { |
1788 flags |= PURPLE_CERTIFICATE_NOT_ACTIVATED; |
1789 purple_debug_error("certificate/x509/tls_cached", |
1790 "Certificate %s is not yet valid, will be at %s\n", |
1791 vrq->subject_name, ctime(&activation)); |
27664
151ec92db74c
Check expiration/activation times on certificates. Closes #8226.
Paul Aurich <paul@darkrain42.org>
parents:
27567
diff
changeset
|
1792 } |
1793 |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1794 tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,tls_peers_name); |
1795 |
1796 if (!tls_peers) { |
1797 purple_debug_error("certificate/x509/tls_cached", |
23987
11f98b1e605b
remove misleading portion of the debug line
Ka-Hing Cheung <khc@hxbc.us>
parents:
23685
diff
changeset
|
1798 "Couldn't find local peers cache %s\n", |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1799 tls_peers_name); |
19091
489889091b14
- Remove all usage of purple_certificate_verify_destroy, as it is
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19090
diff
changeset
|
1800 |
20247
e6315ec87124
applied changes from 92e6c32278d711f0d5807c4d931b26162e4a720f
Richard Laager <rlaager@wiktel.com>
parents:
19688
diff
changeset
|
1801 /* vrq now becomes the problem of unknown_peer */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1802 x509_tls_cached_unknown_peer(vrq, flags); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1803 return; |
1804 } |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1805 |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1806 /* Check if the peer has a certificate cached already */ |
1807 purple_debug_info("certificate/x509/tls_cached", |
1808 "Checking for cached cert...\n"); |
1809 if (purple_certificate_pool_contains(tls_peers, vrq->subject_name)) { |
1810 purple_debug_info("certificate/x509/tls_cached", |
1811 "...Found cached cert\n"); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1812 /* vrq is now the responsibility of cert_in_cache */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1813 x509_tls_cached_cert_in_cache(vrq, flags); |
19086
e256e0bf8ae1
- Move "certificate found in cache" out of tls_cached_start_verify into
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19085
diff
changeset
|
1814 } else { |
27231
627d23bfdb05
Increase the logging level of some debugging messages that seemed to be a
mauro.brasil@tqi.com.br
parents:
25941
diff
changeset
|
1815 purple_debug_warning("certificate/x509/tls_cached", |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1816 "...Not in cache\n"); |
19000
986413850713
- More skeletonizing for tls_cached logic.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18999
diff
changeset
|
1817 /* vrq now becomes the problem of unknown_peer */ |
28051
b341ae89f5ce
certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents:
27982
diff
changeset
|
1818 x509_tls_cached_unknown_peer(vrq, flags); |
18999
7fbd0a6ac8d6
- Made a logic skeleton for tls_cached verifier
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18996
diff
changeset
|
1819 } |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1820 } |
1821 |
1822 static void |
1823 x509_tls_cached_destroy_request(PurpleCertificateVerificationRequest *vrq) |
1824 { |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1825 g_return_if_fail(vrq); |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1826 } |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1827 |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1828 static PurpleCertificateVerifier x509_tls_cached = { |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1829 "x509", /* Scheme name */ |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1830 "tls_cached", /* Verifier name */ |
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1831 x509_tls_cached_start_verify, /* Verification begin */ |
19649
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1832 x509_tls_cached_destroy_request,/* Request cleanup */ |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1833 |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1834 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1835 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1836 NULL, |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1837 NULL |
450f4a3c4c0f
- Add purple_reserved fields to various structures.
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19564
diff
changeset
|
1838 |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1839 }; |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1840 |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1841 /****************************************************************************/ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1842 /* Subsystem */ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1843 /****************************************************************************/ |
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1844 void |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1845 purple_certificate_init(void) |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1846 { |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1847 /* Register builtins */ |
18953
89b32569890c
- Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18952
diff
changeset
|
1848 purple_certificate_register_verifier(&x509_singleuse); |
19093
f96b53df8d17
- Add skeleton for X.509 Certificate Authority (x509_ca) CertificatePool
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19092
diff
changeset
|
1849 purple_certificate_register_pool(&x509_ca); |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18973
diff
changeset
|
1850 purple_certificate_register_pool(&x509_tls_peers); |
18993
33fb4930ad2b
- Add x509_tls_cached skeleton
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18992
diff
changeset
|
1851 purple_certificate_register_verifier(&x509_tls_cached); |
18950
f78a9efa9eaf
- Add purple_certificate_register_builtins
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18949
diff
changeset
|
1852 } |
18946
617447a71ab7
- Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18943
diff
changeset
|
1853 |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1854 void |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1855 purple_certificate_uninit(void) |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1856 { |
19024
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1857 /* Unregister all Verifiers */ |
25375
fc8fd4fef166
Fix a crash on exit with a patch from im.pidgin.next.minor.
Elliott Sales de Andrade <qulogic@pidgin.im>
parents:
24840
diff
changeset
|
1858 g_list_foreach(cert_verifiers, (GFunc)purple_certificate_unregister_verifier, NULL); |
19024
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1859 |
264f00bc8f22
- Change certificate_uninit to unregister all Pools, Schemes, and
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
1860 /* Unregister all Pools */ |
25375
fc8fd4fef166
Fix a crash on exit with a patch from im.pidgin.next.minor.
Elliott Sales de Andrade <qulogic@pidgin.im>
parents:
24840
diff
changeset
|
1861 g_list_foreach(cert_pools, (GFunc)purple_certificate_unregister_pool, NULL); |
18957
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1862 } |
9205841eed06
- Certificate system now has init and uninit like other systems
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18953
diff
changeset
|
1863 |
19022
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1864 gpointer |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1865 purple_certificate_get_handle(void) |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1866 { |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1867 static gint handle; |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1868 return &handle; |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1869 } |
1f07f96dc1ce
- Add purple_certificate_get_handle
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19021
diff
changeset
|
1870 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1871 PurpleCertificateScheme * |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1872 purple_certificate_find_scheme(const gchar *name) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1873 { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1874 PurpleCertificateScheme *scheme = NULL; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1875 GList *l; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1876 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1877 g_return_val_if_fail(name, NULL); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1878 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1879 /* Traverse the list of registered schemes and locate the |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1880 one whose name matches */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1881 for(l = cert_schemes; l; l = l->next) { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1882 scheme = (PurpleCertificateScheme *)(l->data); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1883 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1884 /* Name matches? that's our man */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1885 if(!g_ascii_strcasecmp(scheme->name, name)) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1886 return scheme; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1887 } |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1888 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1889 purple_debug_warning("certificate", |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1890 "CertificateScheme %s requested but not found.\n", |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1891 name); |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1892 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1893 /* TODO: Signalling and such? */ |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1894 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1895 return NULL; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1896 } |
17910
668a294f9a72
- Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff
changeset
|
1897 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1898 GList * |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1899 purple_certificate_get_schemes(void) |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1900 { |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1901 return cert_schemes; |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1902 } |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1903 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1904 gboolean |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1905 purple_certificate_register_scheme(PurpleCertificateScheme *scheme) |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1906 { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1907 g_return_val_if_fail(scheme != NULL, FALSE); |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1908 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1909 /* Make sure no scheme is registered with the same name */ |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1910 if (purple_certificate_find_scheme(scheme->name) != NULL) { |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1911 return FALSE; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1912 } |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1913 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1914 /* Okay, we're golden. Register it. */ |
18972
486563a6bb5c
- prepend > append
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18971
diff
changeset
|
1915 cert_schemes = g_list_prepend(cert_schemes, scheme); |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1916 |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1917 /* TODO: Signalling and such? */ |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1918 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1919 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1920 "CertificateScheme %s registered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1921 scheme->name); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1922 |
18192
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1923 return TRUE; |
dc7e7b8bdc8c
- Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17913
diff
changeset
|
1924 } |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1925 |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1926 gboolean |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1927 purple_certificate_unregister_scheme(PurpleCertificateScheme *scheme) |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1928 { |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1929 if (NULL == scheme) { |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1930 purple_debug_warning("certificate", |
18973
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1931 "Attempting to unregister NULL scheme\n"); |
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18972
diff
changeset
|
1932 return FALSE; |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1933 } |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1934 |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1935 /* TODO: signalling? */ |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1936 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1937 /* TODO: unregister all CertificateVerifiers for this scheme?*/ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1938 /* TODO: unregister all CertificatePools for this scheme? */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1939 /* Neither of the above should be necessary, though */ |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1940 cert_schemes = g_list_remove(cert_schemes, scheme); |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1941 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1942 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1943 "CertificateScheme %s unregistered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1944 scheme->name); |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1945 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
1946 |
18926
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1947 return TRUE; |
8c4d52bc0319
- Add unregister_scheme
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18192
diff
changeset
|
1948 } |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1949 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1950 PurpleCertificateVerifier * |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1951 purple_certificate_find_verifier(const gchar *scheme_name, const gchar *ver_name) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1952 { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1953 PurpleCertificateVerifier *vr = NULL; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1954 GList *l; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1955 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1956 g_return_val_if_fail(scheme_name, NULL); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1957 g_return_val_if_fail(ver_name, NULL); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1958 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1959 /* Traverse the list of registered verifiers and locate the |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1960 one whose name matches */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1961 for(l = cert_verifiers; l; l = l->next) { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1962 vr = (PurpleCertificateVerifier *)(l->data); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1963 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1964 /* Scheme and name match? */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1965 if(!g_ascii_strcasecmp(vr->scheme_name, scheme_name) && |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1966 !g_ascii_strcasecmp(vr->name, ver_name)) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1967 return vr; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1968 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1969 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1970 purple_debug_warning("certificate", |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1971 "CertificateVerifier %s, %s requested but not found.\n", |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1972 scheme_name, ver_name); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1973 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1974 /* TODO: Signalling and such? */ |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents:
25894
diff
changeset
|
1975 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1976 return NULL; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1977 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1978 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1979 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1980 GList * |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1981 purple_certificate_get_verifiers(void) |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1982 { |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1983 return cert_verifiers; |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1984 } |
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19022
diff
changeset
|
1985 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1986 gboolean |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1987 purple_certificate_register_verifier(PurpleCertificateVerifier *vr) |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1988 { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1989 g_return_val_if_fail(vr != NULL, FALSE); |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1990 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1991 /* Make sure no verifier is registered with the same scheme/name */ |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1992 if (purple_certificate_find_verifier(vr->scheme_name, vr->name) != NULL) { |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1993 return FALSE; |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1994 } |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1995 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1996 /* Okay, we're golden. Register it. */ |
18972
486563a6bb5c
- prepend > append
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18971
diff
changeset
|
1997 cert_verifiers = g_list_prepend(cert_verifiers, vr); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1998 |
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents:
18926
diff
changeset
|
1999 /* TODO: Signalling and such? */ |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2000 |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2001 purple_debug_info("certificate", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2002 "CertificateVerifier %s registered\n", |
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19060
diff
changeset
|
2003 vr->name); |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18926
| 2004 return TRUE; |
| 2005 } |
| 2006 |
| 2007 gboolean |
| 2008 purple_certificate_unregister_verifier(PurpleCertificateVerifier *vr) |
| 2009 { |
| 2010 if (NULL == vr) { |
| 2011 purple_debug_warning("certificate", |
18973
28673b6fb8a2
- Fix some errors and return values
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18972
| 2012 "Attempting to unregister NULL verifier\n"); |
| 2013 return FALSE; |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18926
| 2014 } |
| 2015 |
| 2016 /* TODO: signalling? */ |
| 2017 |
| 2018 cert_verifiers = g_list_remove(cert_verifiers, vr); |
| 2019 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19060
| 2020 |
| 2021 purple_debug_info("certificate", |
| 2022 "CertificateVerifier %s unregistered\n", |
| 2023 vr->name); |
| 2024 |
18941
425f494bd1ec
- CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18926
| 2025 return TRUE; |
| 2026 } |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2027 |
| 2028 PurpleCertificatePool * |
| 2029 purple_certificate_find_pool(const gchar *scheme_name, const gchar *pool_name) |
| 2030 { |
| 2031 PurpleCertificatePool *pool = NULL; |
| 2032 GList *l; |
| 2033 |
| 2034 g_return_val_if_fail(scheme_name, NULL); |
| 2035 g_return_val_if_fail(pool_name, NULL); |
| 2036 |
| 2037 /* Traverse the list of registered pools and locate the |
| 2038 one whose name matches */ |
| 2039 for(l = cert_pools; l; l = l->next) { |
| 2040 pool = (PurpleCertificatePool *)(l->data); |
| 2041 |
| 2042 /* Scheme and name match? */ |
| 2043 if(!g_ascii_strcasecmp(pool->scheme_name, scheme_name) && |
| 2044 !g_ascii_strcasecmp(pool->name, pool_name)) |
| 2045 return pool; |
| 2046 } |
| 2047 |
| 2048 purple_debug_warning("certificate", |
| 2049 "CertificatePool %s, %s requested but not found.\n", |
| 2050 scheme_name, pool_name); |
| 2051 |
| 2052 /* TODO: Signalling and such? */ |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents: 25894
| 2053 |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2054 return NULL; |
| 2055 |
| 2056 } |
| 2057 |
19023
eb86ff3ba21a
- Add get_pools, get_verifiers, and get_schemes
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19022
| 2058 GList * |
| 2059 purple_certificate_get_pools(void) |
| 2060 { |
| 2061 return cert_pools; |
| 2062 } |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2063 |
| 2064 gboolean |
| 2065 purple_certificate_register_pool(PurpleCertificatePool *pool) |
| 2066 { |
| 2067 g_return_val_if_fail(pool, FALSE); |
| 2068 g_return_val_if_fail(pool->scheme_name, FALSE); |
| 2069 g_return_val_if_fail(pool->name, FALSE); |
| 2070 g_return_val_if_fail(pool->fullname, FALSE); |
| 2071 |
| 2072 /* Make sure no pools are registered under this name */ |
| 2073 if (purple_certificate_find_pool(pool->scheme_name, pool->name)) { |
| 2074 return FALSE; |
| 2075 } |
| 2076 |
| 2077 /* Initialize the pool if needed */ |
| 2078 if (pool->init) { |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2079 gboolean success; |
| 2080 |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18973
| 2081 success = pool->init(); |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2082 if (!success) |
| 2083 return FALSE; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2084 } |
| 2085 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2086 /* Register the Pool */ |
| 2087 cert_pools = g_list_prepend(cert_pools, pool); |
| 2088 |
| 2089 /* TODO: Emit a signal that the pool got registered */ |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19034
| 2090 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2091 PURPLE_DBUS_REGISTER_POINTER(pool, PurpleCertificatePool); |
| 2092 purple_signal_register(pool, /* Signals emitted from pool */ |
| 2093 "certificate-stored", |
| 2094 purple_marshal_VOID__POINTER_POINTER, |
| 2095 NULL, /* No callback return value */ |
| 2096 2, /* Two non-data arguments */ |
| 2097 purple_value_new(PURPLE_TYPE_SUBTYPE, |
| 2098 PURPLE_SUBTYPE_CERTIFICATEPOOL), |
| 2099 purple_value_new(PURPLE_TYPE_STRING)); |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19034
| 2100 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2101 purple_signal_register(pool, /* Signals emitted from pool */ |
| 2102 "certificate-deleted", |
| 2103 purple_marshal_VOID__POINTER_POINTER, |
| 2104 NULL, /* No callback return value */ |
| 2105 2, /* Two non-data arguments */ |
| 2106 purple_value_new(PURPLE_TYPE_SUBTYPE, |
| 2107 PURPLE_SUBTYPE_CERTIFICATEPOOL), |
| 2108 purple_value_new(PURPLE_TYPE_STRING)); |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19060
| 2109 |
21655
10a2ac84349d
Simplify this a little bit. Most of this change is just removing
Mark Doliner <mark@kingant.net>
parents: 21561
| 2110 purple_debug_info("certificate", |
| 2111 "CertificatePool %s registered\n", |
| 2112 pool->name); |
| 2113 |
| 2114 return TRUE; |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2115 } |
| 2116 |
| 2117 gboolean |
| 2118 purple_certificate_unregister_pool(PurpleCertificatePool *pool) |
| 2119 { |
| 2120 if (NULL == pool) { |
| 2121 purple_debug_warning("certificate", |
| 2122 "Attempting to unregister NULL pool\n"); |
| 2123 return FALSE; |
| 2124 } |
| 2125 |
| 2126 /* Check that the pool is registered */ |
| 2127 if (!g_list_find(cert_pools, pool)) { |
| 2128 purple_debug_warning("certificate", |
| 2129 "Pool to unregister isn't registered!\n"); |
| 2130 |
| 2131 return FALSE; |
| 2132 } |
| 2133 |
| 2134 /* Uninit the pool if needed */ |
19517
7bea9c9fd2a5
(Un)Register the pools with DBus to avoid a runtime fit.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 19515
| 2135 PURPLE_DBUS_UNREGISTER_POINTER(pool); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2136 if (pool->uninit) { |
18975
172b8d1dc2be
- CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18973
| 2137 pool->uninit(); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2138 } |
| 2139 |
| 2140 cert_pools = g_list_remove(cert_pools, pool); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents: 25894
| 2141 |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2142 /* TODO: Signalling? */ |
19044
602295db8e6b
- Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19034
| 2143 purple_signal_unregister(pool, "certificate-stored"); |
| 2144 purple_signal_unregister(pool, "certificate-deleted"); |
25924
584063555949
Remove trailing whitespace
Mark Doliner <mark@kingant.net>
parents: 25894
| 2145 |
19063
2f51578e6602
- Add debugging babble for registers/unregisters
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19060
| 2146 purple_debug_info("certificate", |
| 2147 "CertificatePool %s unregistered\n", |
| 2148 pool->name); |
18971
898e2bd70f23
- Add find, register, and unregister for CertificatePools
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18964
| 2149 return TRUE; |
| 2150 } |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2151 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2152 /****************************************************************************/ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2153 /* Scheme-specific functions */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2154 /****************************************************************************/ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2155 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2156 void |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2157 purple_certificate_display_x509(PurpleCertificate *crt) |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2158 { |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2159 gchar *sha_asc; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2160 GByteArray *sha_bin; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2161 gchar *cn; |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2162 time_t activation, expiration; |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2163 gchar *activ_str, *expir_str; |
19332
6e0521bb0853
- Fix some g_free()s of string constants that caused crashing
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19331
diff
changeset
|
2164 gchar *secondary; |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2165 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2166 /* Pull out the SHA1 checksum */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2167 sha_bin = purple_certificate_get_fingerprint_sha1(crt); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2168 /* Now decode it for display */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2169 sha_asc = purple_base16_encode_chunked(sha_bin->data, |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2170 sha_bin->len); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2171 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2172 /* Get the cert Common Name */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2173 /* TODO: Will break on CA certs */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2174 cn = purple_certificate_get_subject_name(crt); |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2175 |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2176 /* Get the certificate times */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2177 /* TODO: Check the times against localtime */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2178 /* TODO: errorcheck? */ |
19553
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2179 if (!purple_certificate_get_times(crt, &activation, &expiration)) { |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2180 purple_debug_error("certificate", |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2181 "Failed to get certificate times!\n"); |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2182 activation = expiration = 0; |
f36d0d2bf6f2
- Remove g_assert()s. Fixes #2859
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19534
diff
changeset
|
2183 } |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2184 activ_str = g_strdup(ctime(&activation)); |
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2185 expir_str = g_strdup(ctime(&expiration)); |
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2186 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2187 /* Make messages */ |
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2188 secondary = g_strdup_printf(_("Common name: %s\n\n" |
24270
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2189 "Fingerprint (SHA1): %s\n\n" |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2190 "Activation date: %s\n" |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2191 "Expiration date: %s\n"), |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2192 cn ? cn : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2193 sha_asc ? sha_asc : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2194 activ_str ? activ_str : "(null)", |
e265e7066598
Fix a printf("%s", NULL). Fixes #7289.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
23987
diff
changeset
|
2195 expir_str ? expir_str : "(null)"); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2196 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2197 /* Make a semi-pretty display */ |
2198 purple_notify_info( |
2199 NULL, /* TODO: Find what the handle ought to be */ |
19332
6e0521bb0853
- Fix some g_free()s of string constants that caused crashing
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19331
diff
changeset
|
2200 _("Certificate Information"), |
2201 "", |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2202 secondary); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2203 |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2204 /* Cleanup */ |
2205 g_free(cn); |
2206 g_free(secondary); |
2207 g_free(sha_asc); |
19504
d5ecaf5bce93
Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents:
19497
diff
changeset
|
2208 g_free(activ_str); |
2209 g_free(expir_str); |
19329
e93db0c87b26
- Add purple_certificate_display_x509
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19271
diff
changeset
|
2210 g_byte_array_free(sha_bin, TRUE); |
2211 } |
2212 |
21647
a57adf1de9cb
Patch from Florian Quèze (the InstantBird dude) to add a search path for
Sadrul Habib Chowdhury <imadil@gmail.com>
parents:
21561
diff
changeset
|
2213 void purple_certificate_add_ca_search_path(const char *path) |
2214 { |
2215 if (g_list_find_custom(x509_ca_paths, path, (GCompareFunc)strcmp)) |
2216 return; |
2217 x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(path)); |
2218 } |
2219 |