annotate libpurple/certificate.c @ 31537:6ec53e134447

bonjour: Recurse through user IP addresses instead of using the first one only This, among other things, makes interactivity with iChat more reliable because iChat apparently advertises an IPv6 address, but doesn't listen on it. Fixes #13773 committer: Daniel Atallah <daniel.atallah@gmail.com>
author Simon van der Linden <simon@vanderlinden.eu.org>
date Tue, 03 May 2011 16:12:36 +0000
parents e89df17f5ae7
children a3b1dcf433b5
17910
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
1 /**
19075
a0138be8d725 - Typo fix
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19067
diff changeset
2 * @file certificate.c Public-Key Certificate API
17910
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
3 * @ingroup core
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
4 */
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
5
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
6 /*
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
7 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
8 * purple
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
9 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
10 * Purple is the legal property of its developers, whose names are too numerous
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
11 * to list here. Please refer to the COPYRIGHT file distributed with this
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
12 * source distribution.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
13 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
14 * This program is free software; you can redistribute it and/or modify
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
15 * it under the terms of the GNU General Public License as published by
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
16 * the Free Software Foundation; either version 2 of the License, or
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
17 * (at your option) any later version.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
18 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
19 * This program is distributed in the hope that it will be useful,
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
22 * GNU General Public License for more details.
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
23 *
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
24 * You should have received a copy of the GNU General Public License
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
25 * along with this program; if not, write to the Free Software
19681
44b4e8bd759b The FSF changed its address a while ago; our files were out of date.
John Bailey <rekkanoryo@rekkanoryo.org>
parents: 19649
diff changeset
26 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
17910
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
27 */
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
28
19504
d5ecaf5bce93 Fix the win32 build for the cert SoC branch merge.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19497
diff changeset
29 #include "internal.h"
17910
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
30 #include "certificate.h"
19517
7bea9c9fd2a5 (Un)Register the pools with DBus to avoid a runtime fit.
Sadrul Habib Chowdhury <imadil@gmail.com>
parents: 19515
diff changeset
31 #include "dbus-maybe.h"
18192
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17913
diff changeset
32 #include "debug.h"
18953
89b32569890c - Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18952
diff changeset
33 #include "request.h"
19044
602295db8e6b - Register the certificate-stored and certificate-deleted signals
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19034
diff changeset
34 #include "signals.h"
18953
89b32569890c - Add purple_certificate_get_fingerprint_sha1
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18952
diff changeset
35 #include "util.h"
17910
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
36
668a294f9a72 - Added certificate.[ch] and got them integrated into the build
William Ehlhardt <williamehlhardt@gmail.com>
parents:
diff changeset
/*
 * File-scope registries. All three start out empty (NULL is the empty
 * GList) and are private to this translation unit.
 *
 * NOTE(review): nothing in this part of the file synchronizes access to
 * these lists -- confirm the threading assumptions against the
 * register/unregister/find helpers.
 */

/** Every registered certificate scheme (list of pointers). */
static GList *cert_schemes = NULL;

/** Every registered Verifier. */
static GList *cert_verifiers = NULL;

/** Every registered Pool. */
static GList *cert_pools = NULL;
18941
425f494bd1ec - CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18926
diff changeset
43
28051
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
/*
 * Problems that can be found with a certificate. Each problem is its own
 * bit; the two *_MASK values split the bits into a non-fatal low half and
 * a fatal high half.
 *
 * TODO: Merge this with PurpleCertificateVerificationStatus for 3.0.0
 *
 * NOTE(review): 0xFFFF0000 does not fit in a 32-bit int, which ISO C
 * (before C23) requires of enumeration constants. Compilers accept it as
 * an extension and the underlying type becomes implementation-defined, so
 * combined flags should be held in a type wide enough for the mask.
 *
 * NOTE(review): name mismatch, expiry and unknown-CA all sit in the
 * non-fatal half. What "non-fatal" permits (for example, whether a user
 * may override it) is decided by code outside this view -- confirm there.
 */
typedef enum {
	/* -1 has every bit set, so it tests positive against both masks. */
	PURPLE_CERTIFICATE_UNKNOWN_ERROR  = -1,

	/* Not an error */
	PURPLE_CERTIFICATE_NO_PROBLEMS    = 0,

	/* ---- Non-fatal problems: bits 0..15 ---- */
	PURPLE_CERTIFICATE_NON_FATALS_MASK = 0x0000FFFF,

	/* The certificate is self-signed. */
	PURPLE_CERTIFICATE_SELF_SIGNED    = 0x00000001,

	/* The CA is not in libpurple's pool of certificates. */
	PURPLE_CERTIFICATE_CA_UNKNOWN     = 0x00000002,

	/* The current time is before the certificate's specified
	 * activation time.
	 */
	PURPLE_CERTIFICATE_NOT_ACTIVATED  = 0x00000004,

	/* The current time is after the certificate's specified expiration time */
	PURPLE_CERTIFICATE_EXPIRED        = 0x00000008,

	/* The certificate's subject name doesn't match the expected */
	PURPLE_CERTIFICATE_NAME_MISMATCH  = 0x00000010,

	/* No CA pool was found. This shouldn't happen... */
	PURPLE_CERTIFICATE_NO_CA_POOL     = 0x00000020,

	/* ---- Fatal problems: bits 16..31 ---- */
	PURPLE_CERTIFICATE_FATALS_MASK    = 0xFFFF0000,

	/* The signature chain could not be validated. Due to limitations in
	 * the current API, this also indicates one of the CA certificates in
	 * the chain is expired (or not yet activated). FIXME 3.0.0 */
	PURPLE_CERTIFICATE_INVALID_CHAIN  = 0x00010000,

	/* The signature has been revoked. */
	PURPLE_CERTIFICATE_REVOKED        = 0x00020000,

	/* Next bit after the highest defined flag; presumably an upper bound
	 * for code that walks the flag bits -- confirm against its users. */
	PURPLE_CERTIFICATE_LAST           = 0x00040000,
} PurpleCertificateInvalidityFlags;
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
88
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
/**
 * Translate one invalidity flag into a user-facing explanation.
 *
 * The switch compares for equality, so @a flag must be exactly one flag.
 * An OR of several flags, either mask value, PURPLE_CERTIFICATE_NO_PROBLEMS
 * and PURPLE_CERTIFICATE_LAST all end up in the default branch and yield
 * the generic "unknown error" text.
 *
 * @param flag  The single flag to describe.
 * @return The message passed through _(); nothing is allocated here.
 */
static const gchar *
invalidity_reason_to_string(PurpleCertificateInvalidityFlags flag)
{
	const gchar *reason;

	switch (flag) {
	case PURPLE_CERTIFICATE_SELF_SIGNED:
		reason = _("The certificate is self-signed and cannot be "
		           "automatically checked.");
		break;

	case PURPLE_CERTIFICATE_CA_UNKNOWN:
		reason = _("The certificate is not trusted because no certificate "
		           "that can verify it is currently trusted.");
		break;

	case PURPLE_CERTIFICATE_NOT_ACTIVATED:
		reason = _("The certificate is not valid yet.  Check that your "
		           "computer's date and time are accurate.");
		break;

	case PURPLE_CERTIFICATE_EXPIRED:
		reason = _("The certificate has expired and should not be "
		           "considered valid.  Check that your computer's date "
		           "and time are accurate.");
		break;

	case PURPLE_CERTIFICATE_NAME_MISMATCH:
		/* Translators: "domain" refers to a DNS domain (e.g. talk.google.com) */
		reason = _("The certificate presented is not issued to this domain.");
		break;

	case PURPLE_CERTIFICATE_NO_CA_POOL:
		reason = _("You have no database of root certificates, so "
		           "this certificate cannot be validated.");
		break;

	case PURPLE_CERTIFICATE_INVALID_CHAIN:
		reason = _("The certificate chain presented is invalid.");
		break;

	case PURPLE_CERTIFICATE_REVOKED:
		reason = _("The certificate has been revoked.");
		break;

	case PURPLE_CERTIFICATE_UNKNOWN_ERROR:
	default:
		/* Anything unrecognised is reported as an error, never as success. */
		reason = _("An unknown certificate error occurred.");
		break;
	}

	return reason;
}
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
130
18941
425f494bd1ec - CertificateVerifier register/unregister/find
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18926
diff changeset
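/**
 * Build a verification request for a certificate chain and hand it to a
 * verifier.
 *
 * @param verifier      Verifier to run. Its scheme_name selects the
 *                      certificate scheme and its start_verification hook
 *                      receives the request.
 * @param subject_name  Name the certificate is expected to match; the
 *                      request stores a duplicate.
 * @param cert_chain    Chain to verify; the request stores a copy made by
 *                      purple_certificate_copy_list().
 * @param cb            Completion callback, stored in the request.
 * @param cb_data       Opaque pointer stored next to cb.
 *
 * Every failed precondition leaves through g_return_if_fail() and cb is
 * NOT called on those paths, so the caller receives no verdict at all.
 * Callers must not read the absence of a callback as a successful
 * verification.
 *
 * Only the first certificate in the chain is compared against the
 * verifier's scheme; the remaining elements are not inspected here.
 *
 * NOTE(review): the request and its copies are handed to the verifier;
 * where they are released is not visible in this function -- confirm.
 */
void
purple_certificate_verify (PurpleCertificateVerifier *verifier,
			   const gchar *subject_name, GList *cert_chain,
			   PurpleCertificateVerifiedCallback cb,
			   gpointer cb_data)
{
	PurpleCertificateVerificationRequest *vrq;
	PurpleCertificateScheme *scheme;

	/* verifier is dereferenced below, so reject NULL like the other
	   pointer arguments instead of crashing. */
	g_return_if_fail(verifier != NULL);
	g_return_if_fail(subject_name != NULL);
	/* If you don't have a cert to check, why are you requesting that it
	   be verified? */
	g_return_if_fail(cert_chain != NULL);
	/* The first element is dereferenced for the scheme comparison. */
	g_return_if_fail(cert_chain->data != NULL);
	g_return_if_fail(cb != NULL);

	/* Look up the CertificateScheme */
	scheme = purple_certificate_find_scheme(verifier->scheme_name);
	g_return_if_fail(scheme);

	/* Check that at least the first cert in the chain matches the
	   Verifier scheme */
	g_return_if_fail(scheme ==
			 ((PurpleCertificate *) (cert_chain->data))->scheme);

	/* Construct and fill in the request fields. g_new0 zeroes the
	   structure, so fields not assigned below start out as 0/NULL. */
	vrq = g_new0(PurpleCertificateVerificationRequest, 1);
	vrq->verifier = verifier;
	vrq->scheme = scheme;
	vrq->subject_name = g_strdup(subject_name);
	vrq->cert_chain = purple_certificate_copy_list(cert_chain);
	vrq->cb = cb;
	vrq->cb_data = cb_data;

	/* Initiate verification */
	(verifier->start_verification)(vrq);
}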
18192
dc7e7b8bdc8c - Add chunks of the certificate scheme registration interface
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17913
diff changeset
167
18946
617447a71ab7 - Add certificate_destroy and certificate_destroy_list
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18943
diff changeset
/**
 * Finishes a verification request and releases it.
 *
 * The outcome is logged, the status is handed to the request's callback,
 * the owning verifier is asked to drop its per-request state, and finally
 * the subject name, the certificate chain and the request itself are freed.
 *
 * This function does not act on the status beyond logging it; anything
 * other than PURPLE_CERTIFICATE_VALID is logged as a failure, and enforcing
 * that result is left to the callback.
 *
 * @param vrq Request to complete. It is freed here and must not be used
 *            once this function returns.
 * @param st  Final verification status, passed to the callback unchanged.
 */
void
purple_certificate_verify_complete(PurpleCertificateVerificationRequest *vrq,
				   PurpleCertificateVerificationStatus st)
{
	g_return_if_fail(vrq);

	/* Record the final verdict before anything is torn down. */
	if (st != PURPLE_CERTIFICATE_VALID) {
		purple_debug_error("certificate",
				   "Failed to verify certificate for %s\n",
				   vrq->subject_name);
	} else {
		purple_debug_info("certificate",
				  "Successfully verified certificate for %s\n",
				  vrq->subject_name);
	}

	/* Deliver the result while the request is still intact. */
	(vrq->cb)(st, vrq->cb_data);

	/* Let the verifier that owns this request clean up its own data first... */
	(vrq->verifier->destroy_request)(vrq);

	/* ...then release what libpurple allocated for the request. */
	g_free(vrq->subject_name);
	purple_certificate_destroy_list(vrq->cert_chain);

	/* The request structure itself goes last. */
	g_free(vrq);
}
/**
 * Duplicates a certificate through its scheme's copy_certificate callback.
 *
 * @param crt Certificate to duplicate.
 * @return Whatever the scheme's copy_certificate callback returns, or NULL
 *         when crt, its scheme or that callback is NULL.
 */
PurpleCertificate *
purple_certificate_copy(PurpleCertificate *crt)
{
	PurpleCertificate *duplicate;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);
	g_return_val_if_fail(crt->scheme->copy_certificate, NULL);

	/* The scheme owns the certificate's internals, so it does the copying. */
	duplicate = (crt->scheme->copy_certificate)(crt);
	return duplicate;
}
/**
 * Deep-copies a list of certificates.
 *
 * The list nodes are copied with g_list_copy() and every element is then
 * replaced by the result of purple_certificate_copy(). That function
 * returns NULL when it rejects its argument, and the result is stored
 * without a check, so the returned list can contain NULL entries.
 *
 * @param crt_list List whose elements are PurpleCertificate pointers.
 * @return A new list holding the copies.
 */
GList *
purple_certificate_copy_list(GList *crt_list)
{
	GList *copies = g_list_copy(crt_list);
	GList *node = copies;

	/* Swap each shared pointer in the new list for its own duplicate. */
	while (node != NULL) {
		node->data = purple_certificate_copy(node->data);
		node = node->next;
	}

	return copies;
}
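/**
 * Destroys a certificate through its scheme's destroy_certificate callback.
 *
 * A NULL certificate is silently ignored. A certificate whose scheme or
 * destroy callback is NULL is reported through g_return_if_fail() and left
 * alone instead of being dereferenced, matching the guards that
 * purple_certificate_copy() applies before using its scheme callback.
 *
 * @param crt Certificate to destroy; may be NULL.
 */
void
purple_certificate_destroy (PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;

	if (NULL == crt) return;

	scheme = crt->scheme;
	/* Leaking a malformed certificate is preferable to calling through a
	 * NULL pointer. */
	g_return_if_fail(scheme);
	g_return_if_fail(scheme->destroy_certificate);

	(scheme->destroy_certificate)(crt);
}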
/**
 * Destroys every certificate in a list and then frees the list itself.
 *
 * Each element is passed to purple_certificate_destroy(), which ignores
 * NULL, so NULL entries in the list are harmless.
 *
 * @param crt_list List whose elements are PurpleCertificate pointers. The
 *                 list is freed here and must not be used afterwards.
 */
void
purple_certificate_destroy_list (GList * crt_list)
{
	GList *node = crt_list;

	while (node != NULL) {
		purple_certificate_destroy((PurpleCertificate *) node->data);
		node = node->next;
	}

	/* Only the nodes remain; the certificates are already gone. */
	g_list_free(crt_list);
}
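/**
 * Asks the certificate's scheme whether crt was signed by issuer.
 *
 * Both certificates must belong to the same scheme. Every precondition
 * failure returns FALSE, so a malformed argument is never reported as a
 * good signature. This function only relays the scheme's signed_by
 * verdict; it looks at neither validity times nor any trust store itself.
 *
 * @param crt    Certificate whose signature is being checked.
 * @param issuer Certificate claimed to have signed crt.
 * @return The scheme's signed_by result, or FALSE when an argument is NULL,
 *         crt has no scheme, the schemes differ, or the scheme provides no
 *         signed_by callback.
 */
gboolean
purple_certificate_signed_by(PurpleCertificate *crt, PurpleCertificate *issuer)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(issuer, FALSE);

	scheme = crt->scheme;
	g_return_val_if_fail(scheme, FALSE);
	/* We can't compare two certs of unrelated schemes, obviously */
	g_return_val_if_fail(issuer->scheme == scheme, FALSE);
	/* Fail closed if the scheme cannot check signatures at all, instead of
	 * calling through a NULL pointer. */
	g_return_val_if_fail(scheme->signed_by, FALSE);

	return (scheme->signed_by)(crt, issuer);
}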
/**
 * Checks that each certificate in a chain is signed by the one after it
 * and that each of those issuers is inside its validity period right now.
 *
 * Limits of this check, as the code stands:
 *  - A chain of one certificate returns TRUE with no signature or validity
 *    check at all.
 *  - Validity times are fetched only for issuers (every element after the
 *    first); the first certificate's own times are not examined here.
 *  - No trust store is consulted. TRUE means the links are consistent with
 *    each other, not that the chain ends in a trusted root; callers have to
 *    establish that, and the subject-name match, separately.
 *
 * @param chain   List of PurpleCertificate pointers, subject first, each
 *                followed by its issuer.
 * @param failing If not NULL, set to NULL on entry and, on failure, to the
 *                certificate on the subject side of the failing link. That
 *                is also the value reported when the issuer's validity
 *                times are what failed.
 * @return TRUE if every link checks out or the chain has a single element;
 *         FALSE otherwise, or if chain is NULL.
 */
gboolean
purple_certificate_check_signature_chain_with_failing(GList *chain,
		PurpleCertificate **failing)
{
	GList *link;
	PurpleCertificate *subject, *issuer;
	gchar *uid;
	time_t now, activation, expiration;
	gboolean have_times;

	g_return_val_if_fail(chain, FALSE);

	if (failing != NULL) {
		*failing = NULL;
	}

	uid = purple_certificate_get_unique_id((PurpleCertificate *) chain->data);
	purple_debug_info("certificate",
			  "Checking signature chain for uid=%s\n",
			  uid);
	g_free(uid);

	/* Nothing to link against: a lone certificate is accepted as-is. */
	if (chain->next == NULL) {
		purple_debug_info("certificate",
				  "...Singleton. We'll say it's valid.\n");
		return TRUE;
	}

	now = time(NULL);

	/* The first element is the first subject; its issuer is the second. */
	subject = (PurpleCertificate *)(chain->data);
	link = chain->next;
	while (link != NULL) {
		issuer = (PurpleCertificate *)(link->data);
		uid = purple_certificate_get_unique_id(issuer);

		/* The issuer must be within its validity window right now. The
		 * times are only read when the lookup succeeded. */
		have_times = purple_certificate_get_times(issuer, &activation, &expiration);
		if (!have_times || now < activation || now > expiration) {
			if (!have_times) {
				purple_debug_error("certificate",
						   "...Failed to get validity times for certificate %s\n"
						   "Chain is INVALID\n", uid);
			} else if (now > expiration) {
				purple_debug_error("certificate",
						   "...Issuer %s expired at %s\nChain is INVALID\n",
						   uid, ctime(&expiration));
			} else {
				purple_debug_error("certificate",
						   "...Not-yet-activated issuer %s will be valid at %s\n"
						   "Chain is INVALID\n", uid, ctime(&activation));
			}

			/* Reported certificate is the subject of this link, not
			 * the issuer whose times failed. */
			if (failing != NULL) {
				*failing = subject;
			}

			g_free(uid);
			return FALSE;
		}

		/* The issuer must actually have signed the subject. */
		if (!purple_certificate_signed_by(subject, issuer)) {
			purple_debug_error("certificate",
					   "...Bad or missing signature by %s\nChain is INVALID\n",
					   uid);
			g_free(uid);

			if (failing != NULL) {
				*failing = subject;
			}

			return FALSE;
		}

		purple_debug_info("certificate",
				  "...Good signature by %s\n",
				  uid);
		g_free(uid);

		/* Move one link up: this issuer is the next subject. */
		subject = issuer;
		link = link->next;
	}

	/* Every link passed. */
	purple_debug_info("certificate", "Chain is VALID\n");
	return TRUE;
}
/**
 * Checks a certificate chain's signatures without reporting which
 * certificate failed.
 *
 * This calls purple_certificate_check_signature_chain_with_failing() with
 * a NULL failing pointer and returns its result unchanged. As there, a
 * single-element chain yields TRUE and no trust store is consulted.
 *
 * @param chain List of PurpleCertificate pointers, subject first.
 * @return TRUE if the chain passes that check, FALSE otherwise.
 */
gboolean
purple_certificate_check_signature_chain(GList *chain)
{
	gboolean chain_ok;

	chain_ok = purple_certificate_check_signature_chain_with_failing(chain, NULL);
	return chain_ok;
}
/**
 * Load one certificate from a file by delegating to a scheme.
 *
 * The path is passed to the scheme callback verbatim; nothing here
 * normalizes or restricts it, so callers that derive @a filename from
 * remote data need to have made it safe beforehand.
 *
 * @param scheme   Scheme providing the import_certificate callback.
 * @param filename Path of the file to read.
 * @return The callback's result, or NULL if @a scheme, its
 *         import_certificate callback or @a filename is NULL.
 */
PurpleCertificate *
purple_certificate_import(PurpleCertificateScheme *scheme, const gchar *filename)
{
	PurpleCertificate *imported;

	g_return_val_if_fail(scheme, NULL);
	g_return_val_if_fail(scheme->import_certificate, NULL);
	g_return_val_if_fail(filename, NULL);

	imported = (scheme->import_certificate)(filename);

	return imported;
}
/**
 * Load every certificate found in one file by delegating to a scheme.
 *
 * Counterpart of purple_certificate_import() that uses the scheme's
 * import_certificates callback and returns a list instead of one object.
 * The path reaches the callback unmodified.
 *
 * @param scheme   Scheme providing the import_certificates callback.
 * @param filename Path of the file to read.
 * @return The callback's result, or NULL if @a scheme, its
 *         import_certificates callback or @a filename is NULL.
 */
GSList *
purple_certificates_import(PurpleCertificateScheme *scheme, const gchar *filename)
{
	GSList *imported;

	g_return_val_if_fail(scheme, NULL);
	g_return_val_if_fail(scheme->import_certificates, NULL);
	g_return_val_if_fail(filename, NULL);

	imported = (scheme->import_certificates)(filename);

	return imported;
}
/**
 * Write a certificate to a file using the certificate's own scheme.
 *
 * The destination path is handed to the scheme's export_certificate
 * callback unchanged; this wrapper neither checks whether the file exists
 * nor sets its permissions.
 *
 * @param filename Destination path.
 * @param crt      Certificate to write; its scheme supplies the callback.
 * @return The callback's result, or FALSE if an argument, the certificate's
 *         scheme or the export_certificate callback is NULL.
 */
gboolean
purple_certificate_export(const gchar *filename, PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;
	gboolean written;

	g_return_val_if_fail(filename, FALSE);
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);

	/* The callback is looked up only after crt->scheme is known non-NULL. */
	scheme = crt->scheme;
	g_return_val_if_fail(scheme->export_certificate, FALSE);

	written = (scheme->export_certificate)(filename, crt);

	return written;
}
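/**
 * Compare two byte arrays for identical length and content.
 *
 * NOTE(review): memcmp() may stop at the first differing byte, so this is
 * not a constant-time comparison. That is fine for public values such as
 * certificate fingerprints; the callers are outside this view, so confirm
 * nothing secret is compared here.
 *
 * @param array1 First array; must not be NULL.
 * @param array2 Second array; must not be NULL.
 * @return TRUE if both arrays hold the same bytes, FALSE otherwise or if
 *         either argument is NULL.
 */
static gboolean
byte_arrays_equal(const GByteArray *array1, const GByteArray *array2)
{
	g_return_val_if_fail(array1 != NULL, FALSE);
	g_return_val_if_fail(array2 != NULL, FALSE);

	/* Different lengths can never match; checking first also keeps
	 * memcmp() from reading past the shorter buffer. */
	if (array1->len != array2->len)
		return FALSE;

	/* Two empty arrays are equal. Returning here avoids handing memcmp()
	 * a data pointer that may be NULL for an empty array, which is
	 * undefined behaviour even with a zero length. */
	if (array1->len == 0)
		return TRUE;

	return memcmp(array1->data, array2->data, array1->len) == 0;
}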
/**
 * Obtain a certificate's SHA-1 fingerprint from its scheme.
 *
 * NOTE(review): SHA-1 is no longer collision-resistant; treat the value as
 * an identifier or display string unless every caller's use has been
 * reviewed. Ownership of the returned array is decided by the scheme
 * callback -- presumably caller-owned, confirm before freeing.
 *
 * @param crt Certificate to fingerprint.
 * @return The get_fingerprint_sha1 callback's result, or NULL if @a crt,
 *         its scheme or the callback is NULL.
 */
GByteArray *
purple_certificate_get_fingerprint_sha1(PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);

	scheme = crt->scheme;
	g_return_val_if_fail(scheme->get_fingerprint_sha1, NULL);

	return (scheme->get_fingerprint_sha1)(crt);
}
/**
 * Ask the certificate's scheme for the certificate's unique ID.
 *
 * What the ID contains is defined by the scheme callback. It originates
 * from the certificate itself, so treat it as untrusted text when logging
 * it or using it as a lookup key.
 *
 * @param crt Certificate to query.
 * @return The get_unique_id callback's result, or NULL if @a crt, its
 *         scheme or the callback is NULL.
 */
gchar *
purple_certificate_get_unique_id(PurpleCertificate *crt)
{
	gchar *unique_id;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);
	g_return_val_if_fail(crt->scheme->get_unique_id, NULL);

	unique_id = (crt->scheme->get_unique_id)(crt);

	return unique_id;
}
/**
 * Ask the certificate's scheme for the unique ID of the certificate's issuer.
 *
 * The value is whatever the scheme's get_issuer_unique_id callback produces
 * from the certificate; it is an unverified claim until the chain's
 * signatures have been checked.
 *
 * @param crt Certificate to query.
 * @return The get_issuer_unique_id callback's result, or NULL if @a crt,
 *         its scheme or the callback is NULL.
 */
gchar *
purple_certificate_get_issuer_unique_id(PurpleCertificate *crt)
{
	gchar *issuer_id;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);
	g_return_val_if_fail(crt->scheme->get_issuer_unique_id, NULL);

	issuer_id = (crt->scheme->get_issuer_unique_id)(crt);

	return issuer_id;
}
/**
 * Ask the certificate's scheme for the certificate's subject name.
 *
 * The string comes from the certificate, i.e. from the peer. Use
 * purple_certificate_check_subject_name() rather than comparing this value
 * by hand when deciding whether a certificate matches a host.
 *
 * @param crt Certificate to query.
 * @return The get_subject_name callback's result, or NULL if @a crt, its
 *         scheme or the callback is NULL.
 */
gchar *
purple_certificate_get_subject_name(PurpleCertificate *crt)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme, NULL);

	scheme = crt->scheme;
	g_return_val_if_fail(scheme->get_subject_name, NULL);

	return (scheme->get_subject_name)(crt);
}
/**
 * Ask the certificate's scheme whether the certificate matches a name.
 *
 * NOTE(review): the matching rules (wildcards, case folding, alternative
 * names, embedded NUL bytes) are implemented entirely by the scheme's
 * check_subject_name callback, which is not visible here -- review that
 * implementation before relying on this for host authentication.
 *
 * @param crt  Certificate to test.
 * @param name Name the certificate is expected to match.
 * @return The callback's result, or FALSE if @a crt, its scheme, @a name or
 *         the callback is NULL.
 */
gboolean
purple_certificate_check_subject_name(PurpleCertificate *crt, const gchar *name)
{
	PurpleCertificateScheme *scheme;
	gboolean matches;

	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);
	g_return_val_if_fail(name, FALSE);

	scheme = crt->scheme;
	g_return_val_if_fail(scheme->check_subject_name, FALSE);

	matches = (scheme->check_subject_name)(crt, name);

	return matches;
}
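/**
 * Fetch a certificate's activation and/or expiration time from its scheme.
 *
 * Either out-pointer may be NULL when the caller does not need that value,
 * but not both. A FALSE return means the times were not obtained and must
 * not be read as "certificate currently valid".
 *
 * @param crt        Certificate to query.
 * @param activation Receives the activation time, or NULL.
 * @param expiration Receives the expiration time, or NULL.
 * @return The get_times callback's result, or FALSE if @a crt, its scheme
 *         or the callback is NULL, or if both out-pointers are NULL.
 */
gboolean
purple_certificate_get_times(PurpleCertificate *crt, time_t *activation, time_t *expiration)
{
	PurpleCertificateScheme *scheme;

	g_return_val_if_fail(crt, FALSE);

	scheme = crt->scheme;

	g_return_val_if_fail(scheme, FALSE);

	/* Every other wrapper in this file verifies the callback pointer before
	   calling through it; without this guard a scheme that leaves get_times
	   unset would cause a call through a NULL function pointer. */
	g_return_val_if_fail(scheme->get_times, FALSE);

	/* If both provided references are NULL, what are you doing calling
	   this? */
	g_return_val_if_fail( (activation != NULL) || (expiration != NULL), FALSE);

	/* Throw the request on down to the certscheme */
	return (scheme->get_times)(crt, activation, expiration);
}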
/**
 * Build the on-disk path for a pool, or for one entry inside it.
 *
 * The result is <user dir>/certificates/<scheme name>/<pool name>[/<id>],
 * with each of the three variable components passed through
 * purple_escape_filename() first. The string comes from g_build_filename().
 *
 * NOTE(review): @a id can come from remote data (the callers are outside
 * this view), so the escaping step is the only path-traversal defence here.
 * Confirm that purple_escape_filename() also neutralizes "." and ".."
 * components, not just directory separators.
 *
 * @param pool Pool whose scheme_name and name form the directory part.
 * @param id   Entry name within the pool, or NULL for the pool directory.
 * @return The assembled path, or NULL if @a pool, its scheme_name or its
 *         name is NULL.
 */
gchar *
purple_certificate_pool_mkpath(PurpleCertificatePool *pool, const gchar *id)
{
	gchar *esc_scheme_name = NULL;
	gchar *esc_name = NULL;
	gchar *esc_id = NULL;
	gchar *path;

	g_return_val_if_fail(pool, NULL);
	g_return_val_if_fail(pool->scheme_name, NULL);
	g_return_val_if_fail(pool->name, NULL);

	/* Escape all the elements for filesystem-friendliness.  Each result is
	   duplicated right away; presumably purple_escape_filename() returns a
	   buffer that the next call would overwrite. */
	if (pool) {
		esc_scheme_name = g_strdup(purple_escape_filename(pool->scheme_name));
		esc_name = g_strdup(purple_escape_filename(pool->name));
	}
	if (id) {
		esc_id = g_strdup(purple_escape_filename(id));
	}

	/* The argument list is NULL-terminated, so a NULL esc_id simply ends it
	   one element early and the pool directory itself is returned. */
	path = g_build_filename(purple_user_dir(),
	                        "certificates", /* TODO: constantize this? */
	                        esc_scheme_name,
	                        esc_name,
	                        esc_id,
	                        NULL);

	g_free(esc_id);
	g_free(esc_name);
	g_free(esc_scheme_name);

	return path;
}
/**
 * Report whether a pool can be used, i.e. whether its scheme is loaded.
 *
 * @param pool Pool to test.
 * @return TRUE if purple_certificate_find_scheme() finds the scheme named by
 *         the pool; FALSE if it does not, or if @a pool or its scheme_name
 *         is NULL.
 */
gboolean
purple_certificate_pool_usable(PurpleCertificatePool *pool)
{
	g_return_val_if_fail(pool, FALSE);
	g_return_val_if_fail(pool->scheme_name, FALSE);

	/* The pool is usable exactly when the scheme lookup succeeds. */
	return purple_certificate_find_scheme(pool->scheme_name) != NULL;
}
/**
 * Look up the scheme object a pool refers to by name.
 *
 * @param pool Pool whose scheme_name is looked up.
 * @return The result of purple_certificate_find_scheme() for the pool's
 *         scheme_name, or NULL if @a pool or its scheme_name is NULL.
 */
PurpleCertificateScheme *
purple_certificate_pool_get_scheme(PurpleCertificatePool *pool)
{
	PurpleCertificateScheme *found;

	g_return_val_if_fail(pool, NULL);
	g_return_val_if_fail(pool->scheme_name, NULL);

	found = purple_certificate_find_scheme(pool->scheme_name);

	return found;
}
/**
 * Ask a pool's backend whether it holds a certificate under the given id.
 *
 * @param pool  Pool to query; its cert_in_pool callback must be set.
 * @param id    Key to look for. It is forwarded to the backend unchanged.
 * @return The backend's answer, or FALSE when pool, id or the callback is
 *         NULL.
 */
gboolean
purple_certificate_pool_contains(PurpleCertificatePool *pool, const gchar *id)
{
	gboolean present;

	g_return_val_if_fail(pool, FALSE);
	g_return_val_if_fail(id, FALSE);
	g_return_val_if_fail(pool->cert_in_pool, FALSE);

	/* NOTE(review): no validation of id happens at this layer. If a backend
	   derives a file name or path from id, it has to sanitize the value
	   itself -- confirm per backend. */
	present = (pool->cert_in_pool)(id);

	return present;
}
/**
 * Fetch the certificate stored under an id from a pool's backend.
 *
 * @param pool  Pool to read from; its get_cert callback must be set.
 * @param id    Key of the certificate. It is forwarded to the backend
 *              unchanged.
 * @return Whatever the backend's get_cert returns, or NULL when pool, id or
 *         the callback is NULL.
 */
PurpleCertificate *
purple_certificate_pool_retrieve(PurpleCertificatePool *pool, const gchar *id)
{
	PurpleCertificate *found;

	g_return_val_if_fail(pool, NULL);
	g_return_val_if_fail(id, NULL);
	g_return_val_if_fail(pool->get_cert, NULL);

	/* NOTE(review): ownership of the returned certificate is decided by the
	   backend and is not visible here -- confirm who has to release it.
	   id is likewise not validated at this layer. */
	found = (pool->get_cert)(id);

	return found;
}
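/**
 * Store a certificate in a pool under the given id.
 *
 * The certificate is handed to the pool's put_cert callback. When that
 * callback reports success, the "certificate-stored" signal is emitted on
 * the pool with (pool, id) as arguments.
 *
 * @param pool  Pool to store into; put_cert and scheme_name must be set.
 * @param id    Key to store the certificate under. Forwarded unchanged.
 * @param crt   Certificate to store; it must reference a scheme whose name
 *              equals the pool's scheme_name (ASCII case-insensitive).
 * @return The backend's result, or FALSE when any precondition fails.
 */
gboolean
purple_certificate_pool_store(PurpleCertificatePool *pool, const gchar *id, PurpleCertificate *crt)
{
	gboolean ret = FALSE;

	g_return_val_if_fail(pool, FALSE);
	g_return_val_if_fail(id, FALSE);
	g_return_val_if_fail(pool->put_cert, FALSE);

	/* Everything the scheme comparison below dereferences is checked first,
	   so a NULL certificate, a certificate without a scheme, or a pool
	   without a scheme name is rejected instead of crashing the client. */
	g_return_val_if_fail(pool->scheme_name, FALSE);
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);
	g_return_val_if_fail(crt->scheme->name, FALSE);

	/* Weak check: only the scheme *names* are compared. Whether crt->scheme
	   is the same object as find_scheme(pool->scheme_name) is deliberately
	   not verified here (the original author was unsure it matters). */
	g_return_val_if_fail(
		g_ascii_strcasecmp(pool->scheme_name, crt->scheme->name) == 0,
		FALSE);

	/* NOTE(review): id is not validated at this layer; a backend that turns
	   it into a file name has to sanitize it itself -- confirm per backend. */
	ret = (pool->put_cert)(id, crt);

	/* Signal that the certificate was stored, but only on success */
	if (ret) {
		purple_signal_emit(pool, "certificate-stored",
				   pool, id);
	}

	return ret;
}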
/**
 * Remove the certificate stored under an id from a pool.
 *
 * When the backend's delete_cert callback reports success, the
 * "certificate-deleted" signal is emitted on the pool with (pool, id).
 *
 * @param pool  Pool to delete from; its delete_cert callback must be set.
 * @param id    Key of the certificate to remove. Forwarded unchanged.
 * @return The backend's result, or FALSE when pool, id or the callback is
 *         NULL.
 */
gboolean
purple_certificate_pool_delete(PurpleCertificatePool *pool, const gchar *id)
{
	gboolean deleted;

	g_return_val_if_fail(pool, FALSE);
	g_return_val_if_fail(id, FALSE);
	g_return_val_if_fail(pool->delete_cert, FALSE);

	deleted = (pool->delete_cert)(id);
	if (!deleted) {
		/* Nothing was removed, so listeners are not notified */
		return FALSE;
	}

	/* Tell listeners that the entry is gone. Removing an entry from a trust
	   store changes later verification results, so this signal is a natural
	   place for logging or auditing. */
	purple_signal_emit(pool, "certificate-deleted",
			   pool, id);

	return deleted;
}
/**
 * Ask a pool's backend for the list of ids it currently holds.
 *
 * @param pool  Pool to enumerate; its get_idlist callback must be set.
 * @return Whatever the backend's get_idlist returns, or NULL when pool or
 *         the callback is NULL. purple_certificate_pool_destroy_idlist() in
 *         this file frees such a list together with each element's data.
 */
GList *
purple_certificate_pool_get_idlist(PurpleCertificatePool *pool)
{
	GList *ids;

	g_return_val_if_fail(pool, NULL);
	g_return_val_if_fail(pool->get_idlist, NULL);

	ids = (pool->get_idlist)();

	return ids;
}
/**
 * Free an id list: every element's data is released with g_free(), then the
 * list nodes themselves with g_list_free().
 *
 * @param idlist  List to destroy. A NULL list skips the loop and is passed
 *                to g_list_free() as-is. The caller must not use the list or
 *                any of its strings afterwards.
 */
void
purple_certificate_pool_destroy_idlist(GList *idlist)
{
	GList *node = idlist;

	/* Release the string owned by each node first */
	while (node) {
		g_free(node->data);
		node = node->next;
	}

	/* ...then the nodes */
	g_list_free(idlist);
}
648 /****************************************************************************/
649 /* Builtin Verifiers, Pools, etc. */
650 /****************************************************************************/
/**
 * Request-dialog callback of the single-use verifier: turns the user's
 * choice into a verification result.
 *
 * @param vrq  Verification request the dialog was opened for.
 * @param id   Choice reported by the request UI. Only the value 1 yields
 *             PURPLE_CERTIFICATE_VALID; every other value yields
 *             PURPLE_CERTIFICATE_INVALID.
 */
static void
x509_singleuse_verify_cb (PurpleCertificateVerificationRequest *vrq, gint id)
{
	g_return_if_fail(vrq);

	purple_debug_info("certificate/x509_singleuse",
			  "VRQ on cert from %s gave %d\n",
			  vrq->subject_name, id);

	/* NOTE(review): this assumes the request UI reports "Accept" as id 1.
	   Confirm that against the callback contract of
	   purple_request_accept_cancel(); the same function is registered for
	   both buttons, so id is the only thing telling them apart. */
	if (1 != id) {
		/* Not accepted: anything but an explicit accept fails closed */
		purple_certificate_verify_complete(vrq,
						   PURPLE_CERTIFICATE_INVALID);
		return;
	}

	/* Accepted! */
	purple_certificate_verify_complete(vrq,
					   PURPLE_CERTIFICATE_VALID);
}
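/**
 * start_verification handler of the single-use verifier.
 *
 * Shows the user the common name and SHA1 fingerprint of the first
 * certificate in the request's chain and asks whether to accept it for this
 * one use. The answer is delivered to x509_singleuse_verify_cb(), which
 * completes the request.
 *
 * A request without a certificate, or a certificate whose fingerprint cannot
 * be obtained, is completed as PURPLE_CERTIFICATE_INVALID without prompting.
 *
 * @param vrq  Verification request to process.
 */
static void
x509_singleuse_start_verify (PurpleCertificateVerificationRequest *vrq)
{
	gchar *sha_asc;
	GByteArray *sha_bin;
	gchar *cn;
	const gchar *cn_match;
	gchar *primary, *secondary;
	PurpleCertificate *crt;

	g_return_if_fail(vrq);

	/* Fail closed when there is nothing to verify, instead of dereferencing
	   a NULL chain or prompting about a certificate that does not exist. */
	if (vrq->cert_chain == NULL || vrq->cert_chain->data == NULL) {
		purple_debug_error("certificate/x509_singleuse",
				   "Request carries no certificate; rejecting\n");
		purple_certificate_verify_complete(vrq,
						   PURPLE_CERTIFICATE_INVALID);
		return;
	}

	/* Only the first certificate of the chain is shown to the user */
	crt = (PurpleCertificate *) vrq->cert_chain->data;

	/* Pull out the SHA1 checksum */
	sha_bin = purple_certificate_get_fingerprint_sha1(crt);
	if (sha_bin == NULL) {
		/* Without a fingerprint the user has nothing to compare against */
		purple_debug_error("certificate/x509_singleuse",
				   "Could not get certificate fingerprint; rejecting\n");
		purple_certificate_verify_complete(vrq,
						   PURPLE_CERTIFICATE_INVALID);
		return;
	}

	/* Now decode it for display.
	   NOTE(review): SHA1 is no longer collision-resistant; if the scheme
	   can provide a stronger digest, showing that one would be preferable. */
	sha_asc = purple_base16_encode_chunked(sha_bin->data,
					       sha_bin->len);

	/* Get the cert Common Name */
	cn = purple_certificate_get_subject_name(crt);

	/* Determine whether the name matches */
	if (purple_certificate_check_subject_name(crt, vrq->subject_name)) {
		/* Deliberately not passed through _(): an empty string must not
		   be translated */
		cn_match = "";
	} else {
		cn_match = _("(DOES NOT MATCH)");
	}

	/* Make messages */
	primary = g_strdup_printf(_("%s has presented the following certificate for just-this-once use:"), vrq->subject_name);
	secondary = g_strdup_printf(_("Common name: %s %s\nFingerprint (SHA1): %s"), cn, cn_match, sha_asc);

	/* Make a semi-pretty display */
	purple_request_accept_cancel(
		vrq->cb_data, /* TODO: Find what the handle ought to be */
		_("Single-use Certificate Verification"),
		primary,
		secondary,
		/* NOTE(review): the dialog preselects "Accept", even when the
		   name check above failed. For a trust decision, preselecting
		   the rejecting choice would be the safer default -- confirm
		   the intended behaviour before changing it. */
		0,            /* Accept by default */
		NULL,         /* No account */
		NULL,         /* No other user */
		NULL,         /* No associated conversation */
		vrq,
		x509_singleuse_verify_cb,
		x509_singleuse_verify_cb );

	/* Cleanup. The message strings are released right after the request is
	   issued, as in the original code; presumably the request API keeps its
	   own copies -- confirm. */
	g_free(cn);
	g_free(primary);
	g_free(secondary);
	g_free(sha_asc);
	g_byte_array_free(sha_bin, TRUE);
}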
/**
 * Request cleanup handler of the single-use verifier.
 *
 * Intentionally empty: x509_singleuse_start_verify() frees everything it
 * allocates before it returns and stores nothing in the request.
 *
 * @param vrq  Request being destroyed (unused).
 */
static void
x509_singleuse_destroy_request (PurpleCertificateVerificationRequest *vrq)
{
	/* I don't do anything! */
	(void) vrq;
}
/* Built-in verifier for the "x509" scheme that asks the user whether to
   accept a certificate for one use; see x509_singleuse_start_verify(). */
static PurpleCertificateVerifier x509_singleuse = {
	"x509",                         /* Scheme name */
	"singleuse",                    /* Verifier name */
	x509_singleuse_start_verify,    /* start_verification function */
	x509_singleuse_destroy_request, /* Request cleanup operation */

	/* Four trailing slots left unset; presumably the structure's reserved
	   fields -- confirm against the PurpleCertificateVerifier declaration */
	NULL,
	NULL,
	NULL,
	NULL
};
/***** X.509 Certificate Authority pool, keyed by Distinguished Name *****/
/* This is implemented in what may be the most inefficient and bug-prone way
   possible; however, future optimizations should not be difficult. */

/* Tentative definition so the functions below can read x509_ca.scheme_name;
   presumably the initialised definition appears further down the file. */
static PurpleCertificatePool x509_ca;

/**
 * Holds a key-value pair for quickish certificate lookup.
 *
 * NOTE(review): the dn is only an index into the pool. Finding an element by
 * dn does not show that this CA signed any particular certificate; whoever
 * consumes the result still has to check the signature. Nothing in this
 * struct prevents two elements from carrying the same dn.
 */
typedef struct {
    /* Lookup key; x509_ca_quiet_put_cert() fills it from
       purple_certificate_get_unique_id(). Released with g_free(). */
    gchar *dn;
    /* The pool's own copy of the certificate, made with
       purple_certificate_copy() and released with
       purple_certificate_destroy(). */
    PurpleCertificate *crt;
} x509_ca_element;
/**
 * Release one CA pool entry together with everything it owns.
 *
 * Frees the dn string, destroys the stored certificate and then frees the
 * element itself. Passing NULL is allowed and does nothing.
 *
 * @param el Element to release, or NULL.
 */
static void
x509_ca_element_free(x509_ca_element *el)
{
    if (el != NULL) {
        g_free(el->dn);
        purple_certificate_destroy(el->crt);
        g_free(el);
    }
}
/** Directories to probe for CA certificates (a list of gchar * paths). */
/* x509_ca_init() fills this with the built-in defaults when it is still
   NULL, x509_ca_lazy_init() reads it, and x509_ca_uninit() frees it.
   Every *.pem and *.crt file found in these directories is imported into
   the pool, so the directories act as the trust store and should be
   writable only by trusted accounts. */
static GList *x509_ca_paths = NULL;

/** A list of loaded CAs, populated from the above paths whenever the
    lazy_init happens. Contains pointers to x509_ca_elements */
static GList *x509_ca_certs = NULL;

/** Used for lazy initialization purposes: set to TRUE at the end of
    x509_ca_lazy_init() and reset to FALSE by x509_ca_uninit(). */
static gboolean x509_ca_initialized = FALSE;
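/**
 * Adds a certificate to the in-memory CA cache, doing nothing else.
 *
 * The pool stores its own copy of @a crt, keyed by the certificate's unique
 * id; the caller keeps ownership of the certificate it passed in.
 *
 * The only check made here is that the certificate belongs to the pool's
 * scheme. Validity dates, CA flags and signatures are not examined, so an
 * entry is trusted purely because of where the caller obtained it.
 *
 * @param crt Certificate to cache; must use the scheme named by
 *            x509_ca.scheme_name.
 * @return TRUE if an entry was added; FALSE if the argument was rejected or
 *         the key or the copy could not be obtained.
 */
static gboolean
x509_ca_quiet_put_cert(PurpleCertificate *crt)
{
    x509_ca_element *el;

    /* lazy_init calls this function, so calling lazy_init here is a
       Bad Thing */

    g_return_val_if_fail(crt, FALSE);
    g_return_val_if_fail(crt->scheme, FALSE);
    /* Make sure that this is some kind of X.509 certificate */
    /* TODO: Perhaps just check crt->scheme->name instead? */
    g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_ca.scheme_name), FALSE);

    el = g_new0(x509_ca_element, 1);
    el->dn = purple_certificate_get_unique_id(crt);
    el->crt = purple_certificate_copy(crt);

    /* Do not publish a half-built trust anchor: an entry without a key can
       never be found by a real dn, and one without a certificate cannot be
       used. Assumes both helpers report failure by returning NULL - TODO
       confirm against their definitions. */
    if (el->dn == NULL || el->crt == NULL) {
        g_free(el->dn);
        if (el->crt != NULL) {
            purple_certificate_destroy(el->crt);
        }
        g_free(el);
        return FALSE;
    }

    x509_ca_certs = g_list_prepend(x509_ca_certs, el);

    return TRUE;
}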
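/* Since the libpurple CertificatePools get registered before plugins are
   loaded, an X.509 Scheme is generally not available when x509_ca_init is
   called, but x509_ca requires X.509 operations in order to properly load.

   To solve this, I present the lazy_init function. It attempts to finish
   initialization of the Pool, but it usually fails when it is called from
   x509_ca_init. However, this is OK; initialization is then simply deferred
   until someone tries to use functions from the pool.

   Returns TRUE if the pool is initialized (already, or by this call) and
   FALSE if the X.509 scheme is not registered yet. TRUE does not mean that
   any certificate was loaded: unreadable directories and files that fail to
   import are only logged, so the pool can be initialized and empty.

   Every entry named *.pem or *.crt in each search path is imported and
   added as a CA. No file type, ownership or CA-flag check is made here, so
   write access to a search-path directory is equivalent to control over
   the trust store. */
static gboolean
x509_ca_lazy_init(void)
{
    PurpleCertificateScheme *x509;
    GDir *certdir;
    const gchar *entry;
    GPatternSpec *pempat, *crtpat;
    GList *iter = NULL;
    GSList *crts = NULL;

    if (x509_ca_initialized) return TRUE;

    /* Check that X.509 is registered */
    x509 = purple_certificate_find_scheme(x509_ca.scheme_name);
    if ( !x509 ) {
        purple_debug_warning("certificate/x509/ca",
                             "Lazy init failed because an X.509 Scheme "
                             "is not yet registered. Maybe it will be "
                             "better later.\n");
        return FALSE;
    }

    /* Use globs to only read .pem and .crt files */
    pempat = g_pattern_spec_new("*.pem");
    crtpat = g_pattern_spec_new("*.crt");

    /* Populate the certificates pool from the search path(s) */
    for (iter = x509_ca_paths; iter; iter = iter->next) {
        certdir = g_dir_open(iter->data, 0, NULL);
        if (!certdir) {
            purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", (const char *)iter->data);
            continue;
        }

        while ( (entry = g_dir_read_name(certdir)) ) {
            gchar *fullpath;

            if (!g_pattern_match_string(pempat, entry) && !g_pattern_match_string(crtpat, entry)) {
                continue;
            }

            fullpath = g_build_filename(iter->data, entry, NULL);

            crts = purple_certificates_import(x509, fullpath);
            if (crts == NULL) {
                /* Make a file that yields no trust anchors visible in the
                   log instead of skipping it silently. */
                purple_debug_warning("certificate/x509/ca",
                                     "No certificates could be imported from %s\n",
                                     fullpath);
            }

            /* Consume the whole list. Stopping at the first NULL entry
               would leave the remaining nodes and certificates both
               unloaded and leaked. */
            while (crts) {
                PurpleCertificate *crt = crts->data;

                crts = g_slist_delete_link(crts, crts);
                if (crt == NULL) {
                    continue;
                }

                if (x509_ca_quiet_put_cert(crt)) {
                    gchar *name;
                    name = purple_certificate_get_subject_name(crt);
                    purple_debug_info("certificate/x509/ca",
                                      "Loaded %s from %s\n",
                                      name ? name : "(unknown)", fullpath);
                    g_free(name);
                } else {
                    purple_debug_error("certificate/x509/ca",
                                       "Failed to load certificate from %s\n",
                                       fullpath);
                }
                /* The pool holds its own copy; drop the imported one. */
                purple_certificate_destroy(crt);
            }

            g_free(fullpath);
        }
        g_dir_close(certdir);
    }

    g_pattern_spec_free(pempat);
    g_pattern_spec_free(crtpat);

    purple_debug_info("certificate/x509/ca",
                      "Lazy init completed.\n");
    x509_ca_initialized = TRUE;
    return TRUE;
}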
/**
 * Pool init hook: choose the default CA search path and try to load it.
 *
 * The defaults are installed only when no search path has been set yet.
 * On Windows the single default is DATADIR/ca-certs. Elsewhere the list is
 * SSL_CERTIFICATES_DIR (when that macro is defined at build time) followed
 * by DATADIR/purple/ca-certs. Each of these directories becomes a source of
 * trusted CAs once x509_ca_lazy_init() runs.
 *
 * @return Always TRUE; a failed lazy init is logged and retried later.
 */
static gboolean
x509_ca_init(void)
{
    gboolean ready;

    /* Attempt to point at the appropriate system path */
    if (x509_ca_paths == NULL) {
        GList *defaults = NULL;

#if defined(_WIN32)
        defaults = g_list_append(defaults,
                                 g_build_filename(DATADIR, "ca-certs", NULL));
#else
#if defined(SSL_CERTIFICATES_DIR)
        defaults = g_list_append(defaults, g_strdup(SSL_CERTIFICATES_DIR));
#endif
        defaults = g_list_append(defaults,
                                 g_build_filename(DATADIR, "purple", "ca-certs", NULL));
#endif

        x509_ca_paths = defaults;
    }

    /* Loading now is best effort; a later pool operation can finish it. */
    ready = x509_ca_lazy_init();
    if (!ready) {
        purple_debug_info("certificate/x509/ca",
                          "Init failed, probably because a dependency is not yet "
                          "registered. It has been deferred to later.\n");
    }

    return TRUE;
}
/**
 * Pool uninit hook: drop every cached CA and the search path list.
 *
 * Afterwards the pool is back in its uninitialized state, with no
 * certificates and no search paths, so the next x509_ca_init() installs the
 * default paths again.
 */
static void
x509_ca_uninit(void)
{
    GList *node;

    /* Release each cached element, then the list that held them. */
    node = x509_ca_certs;
    while (node != NULL) {
        x509_ca_element_free(node->data);
        node = node->next;
    }
    g_list_free(x509_ca_certs);
    x509_ca_certs = NULL;
    x509_ca_initialized = FALSE;

    /* The path strings are owned by the list as well. */
    for (node = x509_ca_paths; node != NULL; node = node->next) {
        g_free(node->data);
    }
    g_list_free(x509_ca_paths);
    x509_ca_paths = NULL;
}
/**
 * Look up a ca_element by dn.
 *
 * Walks @a lst from the head and returns the first element whose dn compares
 * equal under purple_strequal(). The result points into the list; it is not
 * a copy, so the caller must not free it.
 *
 * @param lst List of x509_ca_element pointers to search.
 * @param dn  Key to look for.
 * @return The first matching element, or NULL if none matches.
 */
static x509_ca_element *
x509_ca_locate_cert(GList *lst, const gchar *dn)
{
    GList *node = lst;

    while (node != NULL) {
        x509_ca_element *candidate = node->data;

        if (purple_strequal(dn, candidate->dn)) {
            return candidate;
        }
        node = node->next;
    }

    return NULL;
}
/**
 * Collect every x509_ca_element in a list whose distinguished name
 * equals dn.
 *
 * @param lst  List whose data pointers are x509_ca_element structures
 * @param dn   Distinguished name compared against each element's dn field
 * @return A new GSList holding the matching elements themselves (they are
 *         not copied), or NULL when nothing matches. Matches are
 *         prepended, so the result is in reverse order relative to lst.
 *         The caller releases the list cells with g_slist_free() and must
 *         leave the elements alone.
 */
static GSList *
x509_ca_locate_certs(GList *lst, const gchar *dn)
{
	GSList *matches = NULL;
	GList *node;

	for (node = lst; node != NULL; node = node->next) {
		x509_ca_element *candidate = node->data;

		if (!purple_strequal(dn, candidate->dn))
			continue;

		matches = g_slist_prepend(matches, candidate);
	}

	return matches;
}
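/**
 * "Certificate exists?" callback of the x509 CA pool.
 *
 * @param id  Distinguished name to look for; must not be NULL
 * @return TRUE when at least one cached CA element has this name, FALSE
 *         when none does, when id is NULL, or when x509_ca_lazy_init()
 *         fails.
 *
 * The answer is based on a name match only. It tells the caller that a
 * candidate issuer is cached, not that any particular certificate was
 * signed by it; signature checking has to happen elsewhere.
 */
static gboolean
x509_ca_cert_in_pool(const gchar *id)
{
	g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
	g_return_val_if_fail(id, FALSE);

	/* Both branches of the former if/else returned, which left a trailing
	   "return FALSE" that could never run; the comparison already yields
	   the boolean we want. */
	return x509_ca_locate_cert(x509_ca_certs, id) != NULL;
}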
/**
 * "Cert retriever" callback of the x509 CA pool.
 *
 * @param id  Distinguished name of the wanted CA certificate; must not
 *            be NULL
 * @return A copy (made with purple_certificate_copy()) of the first
 *         cached certificate whose name matches, or NULL when there is
 *         no match, id is NULL, or x509_ca_lazy_init() fails. The pool
 *         keeps its own instance; presumably the caller is expected to
 *         destroy the copy - confirm against the pool API contract.
 *
 * When several cached CA certificates share one distinguished name only
 * the first is returned. Code that needs to try each candidate issuer
 * should use x509_ca_get_certs() instead.
 */
static PurpleCertificate *
x509_ca_get_cert(const gchar *id)
{
	x509_ca_element *found;

	g_return_val_if_fail(x509_ca_lazy_init(), NULL);
	g_return_val_if_fail(id, NULL);

	/* Look in the in-memory pool */
	found = x509_ca_locate_cert(x509_ca_certs, id);
	if (found == NULL)
		return NULL;

	/* Hand out a duplicate so the caller cannot alter the cached entry */
	return purple_certificate_copy(found->crt);
}
/**
 * Return copies of every cached CA certificate with a given
 * distinguished name.
 *
 * @param id  Distinguished name to look for; must not be NULL
 * @return A new GSList of certificates, each produced by
 *         purple_certificate_copy(), or NULL when nothing matches, id is
 *         NULL, or x509_ca_lazy_init() fails. The intermediate match list
 *         is in reverse pool order and is prepended from again here, so
 *         the result follows the order of x509_ca_certs. Presumably the
 *         caller owns both the list and the copies - confirm against
 *         callers.
 */
static GSList *
x509_ca_get_certs(const gchar *id)
{
	GSList *copies = NULL;
	GSList *matches;
	GSList *node;

	g_return_val_if_fail(x509_ca_lazy_init(), NULL);
	g_return_val_if_fail(id, NULL);

	/* Look in the in-memory pool */
	matches = x509_ca_locate_certs(x509_ca_certs, id);

	/* Duplicate each hit so the caller never holds a cached instance */
	for (node = matches; node != NULL; node = node->next) {
		x509_ca_element *el = node->data;

		copies = g_slist_prepend(copies, purple_certificate_copy(el->crt));
	}

	/* Only the list cells are released; the elements stay in the pool.
	   g_slist_free() accepts an empty (NULL) list. */
	g_slist_free(matches);

	return copies;
}
/**
 * "Cert writer" callback of the x509 CA pool.
 *
 * @param id   Not used by this function; the certificate is handed to
 *             x509_ca_quiet_put_cert() without it
 * @param crt  Certificate to add; it is not checked here, so any
 *             validation is left to x509_ca_quiet_put_cert()
 * @return Whatever x509_ca_quiet_put_cert() returns, or FALSE when
 *         x509_ca_lazy_init() fails.
 *
 * NOTE(review): entries of this pool are presumably treated as trusted
 * issuers during chain verification, so callers should only pass
 * certificates whose trust has been established - confirm against the
 * verifier code.
 */
static gboolean
x509_ca_put_cert(const gchar *id, PurpleCertificate *crt)
{
	g_return_val_if_fail(x509_ca_lazy_init(), FALSE);

	/* TODO: This is a quick way of doing this. At some point the change
	   ought to be flushed to disk somehow. */
	return x509_ca_quiet_put_cert(crt);
}
/**
 * "Cert remover" callback of the x509 CA pool.
 *
 * @param id  Distinguished name of the CA certificate to drop; must not
 *            be NULL
 * @return TRUE when an element was unlinked from the in-memory pool and
 *         freed; FALSE when no element has this name, id is NULL, or
 *         x509_ca_lazy_init() fails.
 *
 * NOTE(review): only the first element found by x509_ca_locate_cert() is
 * removed. x509_ca_locate_certs() exists because several elements can
 * carry the same dn, so after a successful delete another certificate
 * with this name may remain in the pool and x509_ca_cert_in_pool() can
 * still report TRUE. Confirm whether callers removing an issuer expect
 * every entry with that name to go.
 */
static gboolean
x509_ca_delete_cert(const gchar *id)
{
	x509_ca_element *target;

	g_return_val_if_fail(x509_ca_lazy_init(), FALSE);
	g_return_val_if_fail(id, FALSE);

	/* Is the id even in the pool? */
	target = x509_ca_locate_cert(x509_ca_certs, id);
	if (target != NULL) {
		/* Unlink it from the memory cache and destroy it */
		x509_ca_certs = g_list_remove(x509_ca_certs, target);
		x509_ca_element_free(target);
		return TRUE;
	}

	purple_debug_warning("certificate/x509/ca",
	                     "Id %s wasn't in the pool\n",
	                     id);
	return FALSE;
}
/**
 * "idlist retriever" callback of the x509 CA pool.
 *
 * @return A new GList with one g_strdup()'d copy of the dn of every
 *         cached element, or NULL when the pool is empty or
 *         x509_ca_lazy_init() fails. Names are prepended, so the list is
 *         in reverse pool order, and a dn shared by several elements
 *         appears once per element. Presumably the caller frees both the
 *         strings and the list - confirm against the pool API contract.
 */
static GList *
x509_ca_get_idlist(void)
{
	GList *ids = NULL;
	GList *node;

	g_return_val_if_fail(x509_ca_lazy_init(), NULL);

	for (node = x509_ca_certs; node != NULL; node = node->next) {
		x509_ca_element *el = node->data;

		ids = g_list_prepend(ids, g_strdup(el->dn));
	}

	return ids;
}
/* Descriptor of the X.509 Certificate Authority pool. The members are
   initialised positionally; the comment on each line names the slot it
   fills. x509_ca_get_certs() has no slot in this table. */
static PurpleCertificatePool x509_ca = {
	"x509",                       /* Scheme name */
	"ca",                         /* Pool name */
	N_("Certificate Authorities"),/* User-friendly name */
	NULL,                         /* Internal data */
	x509_ca_init,                 /* init */
	x509_ca_uninit,               /* uninit */
	x509_ca_cert_in_pool,         /* Certificate exists? */
	x509_ca_get_cert,             /* Cert retriever */
	x509_ca_put_cert,             /* Cert writer */
	x509_ca_delete_cert,          /* Cert remover */
	x509_ca_get_idlist,           /* idlist retriever */

	/* Remaining slots are left NULL (presumably the purple_reserved
	   padding members - confirm against the struct declaration) */
	NULL,
	NULL,
	NULL,
	NULL

};
/***** Cache of certificates given by TLS/SSL peers *****/
/* Declared ahead of the pool's callbacks because they pass its address to
   purple_certificate_pool_mkpath(); the initialised definition is
   presumably further down the file. */
static PurpleCertificatePool x509_tls_peers;
/**
 * init callback of the tls_peers pool: make sure the on-disk cache
 * directory exists.
 *
 * @return Always TRUE. A failure to create the directory is only logged,
 *         and the message states that certificates will then not be
 *         cached.
 *
 * The directory is requested with mode 0700 so that only the owning user
 * can read or modify cached peer certificates.
 * NOTE(review): whether purple_build_dir() tightens the mode of a
 * directory that already exists is not visible here - confirm, since the
 * files kept in this cache are presumably consulted when a peer
 * certificate is checked.
 */
static gboolean
x509_tls_peers_init(void)
{
	gchar *cache_dir;

	/* Set up key cache here if it isn't already done */
	cache_dir = purple_certificate_pool_mkpath(&x509_tls_peers, NULL);

	/* Make it this user only */
	if (purple_build_dir(cache_dir, 0700) != 0) {
		purple_debug_info("certificate/tls_peers",
		                  "Could not create %s.  Certificates will not be cached.\n",
		                  cache_dir);
	}

	g_free(cache_dir);

	return TRUE;
}
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18973
diff changeset
1128
172b8d1dc2be - CertificatePool member functions no longer accept a Pool instance, as Pools are expected to be singletons
William Ehlhardt <williamehlhardt@gmail.com>
parents: 18973
diff changeset
/**
 * Report whether the tls_peers cache holds a certificate file for @a id.
 *
 * The id is turned into a path with purple_certificate_pool_mkpath() and the
 * path is tested with G_FILE_TEST_IS_REGULAR, so a directory of that name
 * does not count. GLib follows symbolic links for this test, so a symlink to
 * a regular file is reported as present. The file is not opened or parsed:
 * a TRUE result says nothing about whether its contents are a usable
 * certificate.
 *
 * The answer is a snapshot. x509_tls_peers_get_cert() and
 * x509_tls_peers_delete_cert() rebuild the path after calling this, so the
 * file may have changed in between if something else writes to the pool
 * directory.
 *
 * @param id Pool key to look up; must not be NULL.
 * @return TRUE if a regular file exists for @a id, FALSE otherwise
 *         (including when @a id is NULL).
 */
static gboolean
x509_tls_peers_cert_in_pool(const gchar *id)
{
	gchar *path;
	gboolean found;

	g_return_val_if_fail(id, FALSE);

	path = purple_certificate_pool_mkpath(&x509_tls_peers, id);
	found = g_file_test(path, G_FILE_TEST_IS_REGULAR);
	g_free(path);

	return found;
}
/**
 * Load the cached certificate stored under @a id in the tls_peers pool.
 *
 * Nothing here ties the file's contents to @a id: the caller receives
 * whatever purple_certificate_import() parses from the file at the pool
 * path. How far the result can be trusted therefore depends on who is able
 * to write to the pool directory.
 *
 * @param id Pool key to load; must not be NULL.
 * @return The value returned by purple_certificate_import(), or NULL if
 *         @a id is NULL, no regular file exists for it, or the "x509"
 *         scheme is not registered.
 */
static PurpleCertificate *
x509_tls_peers_get_cert(const gchar *id)
{
	PurpleCertificateScheme *x509;
	PurpleCertificate *loaded;
	gchar *path;

	g_return_val_if_fail(id, NULL);

	/* Nothing cached under this id: not an error, just a miss */
	if (!x509_tls_peers_cert_in_pool(id))
		return NULL;

	/* The importer needs the X.509 scheme object */
	x509 = purple_certificate_find_scheme("x509");
	g_return_val_if_fail(x509, NULL);

	/* Rebuild the path (cert_in_pool freed its own copy) and import */
	path = purple_certificate_pool_mkpath(&x509_tls_peers, id);
	loaded = purple_certificate_import(x509, path);
	g_free(path);

	return loaded;
}
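/**
 * Store @a crt in the tls_peers cache under @a id.
 *
 * The certificate must belong to the scheme named in
 * x509_tls_peers.scheme_name; anything else is rejected before the
 * filesystem is touched. The target path comes from
 * purple_certificate_pool_mkpath() and the write is done by
 * purple_certificate_export().
 *
 * NOTE(review): no check here looks at whether the certificate has been
 * verified or accepted; presumably callers only store certificates after
 * that decision -- confirm at the call sites.
 *
 * @param id  Pool key to store under; must not be NULL.
 * @param crt Certificate to write; must not be NULL and must have a scheme.
 * @return The result of purple_certificate_export(), or FALSE if an
 *         argument check fails.
 */
static gboolean
x509_tls_peers_put_cert(const gchar *id, PurpleCertificate *crt)
{
	gboolean ret = FALSE;
	gchar *keypath;

	/* The other pool functions reject a NULL id; do the same here.
	 * x509_tls_peers_get_idlist() passes NULL to
	 * purple_certificate_pool_mkpath() to obtain the pool directory, so a
	 * NULL id would aim the export at that directory path instead of a
	 * certificate file. */
	g_return_val_if_fail(id, FALSE);
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme, FALSE);
	/* Make sure that this is some kind of X.509 certificate */
	/* TODO: Perhaps just check crt->scheme->name instead? */
	g_return_val_if_fail(crt->scheme == purple_certificate_find_scheme(x509_tls_peers.scheme_name), FALSE);

	/* Work out the filename and export */
	keypath = purple_certificate_pool_mkpath(&x509_tls_peers, id);
	ret = purple_certificate_export(keypath, crt);

	g_free(keypath);
	return ret;
}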
/**
 * Remove the cached certificate stored under @a id from the tls_peers pool.
 *
 * A missing entry is logged as a warning and reported as failure. The
 * existence check and the unlink() are separate steps on a freshly built
 * path, so the unlink can still fail if the file disappears in between;
 * that case is logged as an error.
 *
 * @param id Pool key to delete; must not be NULL.
 * @return TRUE if unlink() succeeded, FALSE if @a id is NULL, not in the
 *         pool, or the unlink failed.
 */
static gboolean
x509_tls_peers_delete_cert(const gchar *id)
{
	gboolean removed;
	gchar *path;

	g_return_val_if_fail(id, FALSE);

	/* Nothing to delete if the id has no file in the pool */
	if (!x509_tls_peers_cert_in_pool(id)) {
		purple_debug_warning("certificate/tls_peers",
				     "Id %s wasn't in the pool\n",
				     id);
		return FALSE;
	}

	/* Build the on-disk path and remove the file */
	path = purple_certificate_pool_mkpath(&x509_tls_peers, id);
	removed = (unlink(path) == 0);
	if (!removed) {
		purple_debug_error("certificate/tls_peers",
				   "Unlink of %s failed!\n",
				   path);
	}

	g_free(path);
	return removed;
}
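/**
 * List the ids of every entry in the tls_peers pool directory.
 *
 * Each name returned by g_dir_read_name() is passed through
 * purple_unescape_filename() and copied into the list. Entries are not
 * filtered by file type, so the list can contain names that
 * x509_tls_peers_cert_in_pool() would reject (it accepts regular files
 * only). Because entries are prepended, the list is in reverse directory
 * order.
 *
 * @return A list of newly allocated id strings, or NULL if the directory is
 *         empty or cannot be opened. Each string was made with g_strdup(),
 *         so the caller frees the strings and the list.
 */
static GList *
x509_tls_peers_get_idlist(void)
{
	GList *idlist = NULL;
	GDir *dir;
	const gchar *entry;
	gchar *poolpath;

	/* Get a handle on the pool directory */
	poolpath = purple_certificate_pool_mkpath(&x509_tls_peers, NULL);
	dir = g_dir_open(poolpath,
			 0,     /* No flags */
			 NULL); /* Not interested in what the error is */

	/* x509_tls_peers_init() treats a pool directory that could not be
	 * created as non-fatal, so a directory that cannot be opened is an
	 * expected state here rather than a failed assertion. */
	if (dir == NULL) {
		purple_debug_info("certificate/tls_peers",
				  "Could not open %s. No cached certificates to list.\n",
				  poolpath);
		g_free(poolpath);
		return NULL;
	}
	g_free(poolpath);

	/* Traverse the directory listing and create an idlist */
	while ( (entry = g_dir_read_name(dir)) != NULL ) {
		/* Unescape the filename */
		const char *unescaped = purple_unescape_filename(entry);

		/* Copy the name into our list; neither the entry (owned by
		   GLib) nor the unescaped string is ours to keep */
		idlist = g_list_prepend(idlist, g_strdup(unescaped));
	}

	/* Release the directory */
	g_dir_close(dir);

	return idlist;
}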
/* Pool descriptor for the tls_peers certificate cache. The function slots
 * point at the x509_tls_peers_* functions of this file; the initializer is
 * positional, so the order must match the PurpleCertificatePool
 * declaration. */
static PurpleCertificatePool x509_tls_peers = {
	"x509",                       /* Scheme name */
	"tls_peers",                  /* Pool name */
	N_("SSL Peers Cache"),        /* User-friendly name */
	NULL,                         /* Internal data */
	x509_tls_peers_init,          /* init */
	NULL,                         /* uninit not required */
	x509_tls_peers_cert_in_pool,  /* Certificate exists? */
	x509_tls_peers_get_cert,      /* Cert retriever */
	x509_tls_peers_put_cert,      /* Cert writer */
	x509_tls_peers_delete_cert,   /* Cert remover */
	x509_tls_peers_get_idlist,    /* idlist retriever */

	/* Remaining slots are left NULL (presumably reserved padding --
	 * confirm against the PurpleCertificatePool declaration) */
	NULL,
	NULL,
	NULL,
	NULL
};
/***** A Verifier that uses the tls_peers cache and the CA pool to validate certificates *****/
/* Declared ahead of its initializer, which is not part of this section of
 * the file. */
static PurpleCertificateVerifier x509_tls_cached;
/* The following is several hacks piled together and needs to be fixed.
 * It exists because show_cert (see its comments) needs the original reason
 * given to user_auth in order to rebuild the dialog.
 */
/* TODO: This will cause a ua_ctx to be leaked if the request(s) get
   closed by handle or otherwise abnormally. */
typedef struct {
	/* Verification request the dialog is deciding. Borrowed:
	 * x509_tls_cached_ua_ctx_new() copies the pointer and
	 * x509_tls_cached_ua_ctx_free() does not release it.
	 * NOTE(review): nothing here ties the ctx lifetime to the request;
	 * confirm the request cannot be destroyed while a dialog still holds
	 * this ctx. */
	PurpleCertificateVerificationRequest *vrq;
	/* Private copy of the reason text: g_strdup()'d in
	 * x509_tls_cached_ua_ctx_new(), g_free()'d in
	 * x509_tls_cached_ua_ctx_free(). */
	gchar *reason;
} x509_tls_cached_ua_ctx;
/**
 * Allocate a user-auth dialog context.
 *
 * @param vrq    Verification request the dialog belongs to; the pointer is
 *               stored as-is, not copied or referenced.
 * @param reason Reason text shown to the user; duplicated with g_strdup(),
 *               so the caller keeps ownership of its own string.
 * @return A zero-initialised context with both fields set; release it with
 *         x509_tls_cached_ua_ctx_free().
 */
static x509_tls_cached_ua_ctx *
x509_tls_cached_ua_ctx_new(PurpleCertificateVerificationRequest *vrq,
			   const gchar *reason)
{
	x509_tls_cached_ua_ctx *ctx = g_new0(x509_tls_cached_ua_ctx, 1);

	ctx->vrq = vrq;
	ctx->reason = g_strdup(reason);

	return ctx;
}
/**
 * Release a user-auth dialog context.
 *
 * Frees the context's copy of the reason string and the context itself.
 * The verification request it points at is left untouched.
 *
 * @param c Context to free; a NULL argument trips the guard and returns.
 */
static void
x509_tls_cached_ua_ctx_free(x509_tls_cached_ua_ctx *c)
{
	g_return_if_fail(c);
	g_free(c->reason);
	g_free(c);
}
/* Forward declaration: x509_tls_cached_show_cert() calls this to re-open the
 * dialog before the definition has been seen. The definition is not part of
 * this section of the file. */
static void
x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq,
			  const gchar *reason);
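/**
 * Dialog callback: display the certificate under review, then put the
 * accept/reject dialog back on screen.
 *
 * The certificate shown is the first element of the request's cert_chain.
 * The context is consumed: it is freed before returning, and the re-opened
 * dialog is handed the request and reason again through
 * x509_tls_cached_user_auth().
 *
 * @param c  Dialog context; freed by this function.
 * @param id Unused here (presumably the index of the button that was
 *           pressed -- confirm against the request API).
 */
static void
x509_tls_cached_show_cert(x509_tls_cached_ua_ctx *c, gint id)
{
	PurpleCertificate *disp_crt;

	g_return_if_fail(c);

	/* x509_tls_cached_user_auth_cb() guards c and c->vrq before use; this
	 * callback went straight to c->vrq->cert_chain->data. Without a
	 * request or a chain there is nothing to show and no dialog to
	 * rebuild, so release the context and stop. */
	if (c->vrq == NULL || c->vrq->cert_chain == NULL) {
		purple_debug_error("certificate",
				   "show_cert called without a certificate chain\n");
		x509_tls_cached_ua_ctx_free(c);
		return;
	}

	disp_crt = c->vrq->cert_chain->data;

	/* Since clicking a button closes the request, show it again */
	x509_tls_cached_user_auth(c->vrq, c->reason);

	/* Show the certificate AFTER re-opening the dialog so that this
	   appears above the other */
	purple_certificate_display_x509(disp_crt);

	x509_tls_cached_ua_ctx_free(c);
}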
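/*
 * Applies the user's decision from the accept/reject prompt.
 *
 * @param c   Prompt context. The verification request is read out of it
 *            and the context is then released.
 * @param id  Decision id. 2 means the user accepted the certificate; every
 *            other value is handled as a rejection (fail closed).
 *
 * On acceptance the first certificate of the chain is stored in the
 * "tls_peers" pool under the request's subject name and the request is
 * completed as PURPLE_CERTIFICATE_VALID. A missing pool or a failed store
 * is logged, as x509_tls_cached_complete() does, and does not override the
 * user's decision.
 *
 * NOTE(review): the user's override is written to the cache. Presumably
 * later connections to the same name presenting this certificate are then
 * trusted from the cache without a prompt -- confirm in the cache-lookup
 * path.
 */
static void
x509_tls_cached_user_auth_cb (x509_tls_cached_ua_ctx *c, gint id)
{
	PurpleCertificateVerificationRequest *vrq;
	PurpleCertificatePool *tls_peers;

	g_return_if_fail(c);
	g_return_if_fail(c->vrq);

	/* Keep the request pointer before releasing the prompt context. */
	vrq = c->vrq;

	x509_tls_cached_ua_ctx_free(c);

	tls_peers = purple_certificate_find_pool("x509","tls_peers");

	if (2 == id) {
		gchar *cache_id = vrq->subject_name;
		purple_debug_info("certificate/x509/tls_cached",
				  "User ACCEPTED cert\nCaching first in chain for future use as %s...\n",
				  cache_id);

		/* The pool lookup and the store can both fail; report either
		 * instead of passing a NULL pool on or dropping the result. */
		if (!tls_peers) {
			purple_debug_error("certificate/x509/tls_cached",
					   "Unable to locate tls_peers certificate cache.\n");
		} else if (!purple_certificate_pool_store(tls_peers, cache_id,
							  vrq->cert_chain->data)) {
			purple_debug_error("certificate/x509/tls_cached",
					   "FAILED to cache peer certificate\n");
		}

		purple_certificate_verify_complete(vrq,
						   PURPLE_CERTIFICATE_VALID);
	} else {
		purple_debug_warning("certificate/x509/tls_cached",
				     "User REJECTED cert\n");
		purple_certificate_verify_complete(vrq,
						   PURPLE_CERTIFICATE_INVALID);
	}
}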
/*
 * "Accept" action handler for the certificate prompt.
 *
 * The id handed over by the request UI is deliberately not used; the
 * decision is forwarded as the fixed id 2, which
 * x509_tls_cached_user_auth_cb() treats as acceptance.
 */
static void
x509_tls_cached_user_auth_accept_cb(x509_tls_cached_ua_ctx *c, gint ignore)
{
	const gint accept_id = 2;

	x509_tls_cached_user_auth_cb(c, accept_id);
}
/*
 * "Reject" action handler for the certificate prompt.
 *
 * The id handed over by the request UI is deliberately not used; the
 * decision is forwarded as the fixed id 1. x509_tls_cached_user_auth_cb()
 * treats every id other than 2 as a rejection.
 */
static void
x509_tls_cached_user_auth_reject_cb(x509_tls_cached_ua_ctx *c, gint ignore)
{
	const gint reject_id = 1;

	x509_tls_cached_user_auth_cb(c, reject_id);
}
/** Validates a certificate by asking the user
 * @param vrq    Verification request the prompt is raised for; its
 *               subject_name is shown in the question and its cb_data is
 *               used as the request handle.
 * @param reason String to explain why the user needs to accept/refuse the
 *               certificate. Shown as the secondary text of the dialog.
 * @todo Needs a handle argument
 *
 * The request is not completed here. One of the three action callbacks
 * (accept, reject, view certificate) runs later with a context built from
 * @a vrq and @a reason.
 */
static void
x509_tls_cached_user_auth(PurpleCertificateVerificationRequest *vrq,
			  const gchar *reason)
{
	/* Headline of the dialog; owned here and released after the call. */
	gchar *question = g_strdup_printf(_("Accept certificate for %s?"),
					  vrq->subject_name);

	/*
	 * NOTE(review): the default action index 0 pre-selects "Accept".
	 * The visible caller raises this prompt for a certificate that has
	 * validation problems, so a fail-closed default ("Reject") would be
	 * the safer choice -- confirm with the UI maintainers.
	 */
	purple_request_action(
		vrq->cb_data, /* TODO: Find what the handle ought to be */
		_("SSL Certificate Verification"),
		question,
		reason,
		0,    /* Accept by default */
		NULL, /* No account */
		NULL, /* No other user */
		NULL, /* No associated conversation */
		x509_tls_cached_ua_ctx_new(vrq, reason), /* passed to callbacks */
		3,    /* Number of actions */
		_("Accept"), x509_tls_cached_user_auth_accept_cb,
		_("Reject"), x509_tls_cached_user_auth_reject_cb,
		_("_View Certificate..."), x509_tls_cached_show_cert);

	g_free(question);
}
/* Forward declaration of a static helper defined elsewhere in this file. */
static void x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq,
					 PurpleCertificateInvalidityFlags flags);
/*
 * Finishes a tls_cached verification once all problems have been collected.
 *
 * @param vrq    Verification request; its first chain entry is the
 *               certificate being judged.
 * @param flags  Bit set of problems found with the certificate.
 *
 * Three outcomes:
 *  - any bit of PURPLE_CERTIFICATE_FATALS_MASK set: an error is shown and
 *    the request is completed as PURPLE_CERTIFICATE_INVALID, with no way
 *    for the user to override;
 *  - otherwise any bit of PURPLE_CERTIFICATE_NON_FATALS_MASK set: the
 *    problems are listed and the decision is left to the user through
 *    x509_tls_cached_user_auth();
 *  - otherwise the certificate is cached in "tls_peers" and the request is
 *    completed as PURPLE_CERTIFICATE_VALID.
 *
 * NOTE(review): a flag bit that belongs to neither mask falls through to
 * the "valid" outcome -- confirm that the two masks together cover every
 * defined invalidity flag.
 */
static void
x509_tls_cached_complete(PurpleCertificateVerificationRequest *vrq,
			 PurpleCertificateInvalidityFlags flags)
{
	PurpleCertificatePool *tls_peers;
	PurpleCertificate *peer_crt = vrq->cert_chain->data;

	if (flags & PURPLE_CERTIFICATE_FATALS_MASK) {
		/* TODO: Also print any other warnings? */
		PurpleCertificateInvalidityFlags shown;
		const gchar *error;
		gchar *headline, *secondary;

		/* Only one fatal reason is reported, in this priority order. */
		if (flags & PURPLE_CERTIFICATE_INVALID_CHAIN)
			shown = PURPLE_CERTIFICATE_INVALID_CHAIN;
		else if (flags & PURPLE_CERTIFICATE_REVOKED)
			shown = PURPLE_CERTIFICATE_REVOKED;
		else
			shown = PURPLE_CERTIFICATE_UNKNOWN_ERROR;
		error = invalidity_reason_to_string(shown);

		headline = g_strdup_printf(_("The certificate for %s could not be validated."),
					   vrq->subject_name);
		secondary = g_strconcat(headline, " ", error, NULL);
		g_free(headline);

		purple_notify_error(NULL, /* TODO: Probably wrong. */
				    _("SSL Certificate Error"),
				    _("Unable to validate certificate"),
				    secondary);
		g_free(secondary);

		purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_INVALID);
		return;
	}

	if (flags & PURPLE_CERTIFICATE_NON_FATALS_MASK) {
		/* Non-fatal error. Prompt the user. */
		GString *msg = g_string_new(NULL);
		guint32 bit;

		g_string_append_printf(msg,
				       _("The certificate for %s could not be validated."),
				       vrq->subject_name);
		g_string_append_c(msg, '\n');

		/* Special case a name mismatch because we want to display the two names... */
		if (flags & PURPLE_CERTIFICATE_NAME_MISMATCH) {
			/* NOTE(review): sn is read from the peer's certificate, so
			 * it is untrusted text placed into the dialog. Presumably
			 * the request UI escapes or limits it -- verify. */
			gchar *sn = purple_certificate_get_subject_name(peer_crt);

			if (sn) {
				g_string_append_printf(msg, _("The certificate claims to be "
						"from \"%s\" instead. This could mean that you are "
						"not connecting to the service you believe you are."),
						sn);
				g_free(sn);

				/* Already explained above; keep the generic loop from
				 * listing it a second time. Without a name the flag
				 * stays set and the generic text is used. */
				flags &= ~PURPLE_CERTIFICATE_NAME_MISMATCH;
			}
		}

		/* One line per remaining flag. The walk stops when the bit equals
		 * PURPLE_CERTIFICATE_LAST (assumed to be a single bit -- TODO
		 * confirm against the enum). */
		for (bit = 1; bit != PURPLE_CERTIFICATE_LAST; bit <<= 1) {
			if (flags & bit) {
				g_string_append_c(msg, '\n');
				g_string_append(msg, invalidity_reason_to_string(bit));
			}
		}

		x509_tls_cached_user_auth(vrq, msg->str);
		g_string_free(msg, TRUE);
		return;
	}

	/* If we reach this point, the certificate is good. */

	/* Look up the local cache and store it there for future use.
	 * A cache problem is only logged; it does not change the verdict. */
	tls_peers = purple_certificate_find_pool(x509_tls_cached.scheme_name,
						 "tls_peers");
	if (!tls_peers) {
		purple_debug_error("certificate/x509/tls_cached",
				   "Unable to locate tls_peers certificate cache.\n");
	} else if (!purple_certificate_pool_store(tls_peers, vrq->subject_name,
						  peer_crt)) {
		purple_debug_error("certificate/x509/tls_cached",
				   "FAILED to cache peer certificate\n");
	}

	purple_certificate_verify_complete(vrq, PURPLE_CERTIFICATE_VALID);
}
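/*
 * Compare the certificate the peer presented with the copy stored in the
 * "tls_peers" pool under vrq->subject_name.
 *
 * A fingerprint match completes the request with the flags passed in. A
 * failed cache lookup (#9664) or a fingerprint mismatch is not rejected
 * here: the request is handed to x509_tls_cached_unknown_peer for full
 * verification.
 */
static void
x509_tls_cached_cert_in_cache(PurpleCertificateVerificationRequest *vrq,
                              PurpleCertificateInvalidityFlags flags)
{
	/* TODO: Looking this up by name over and over is expensive.
	   Fix, please! */
	PurpleCertificatePool *tls_peers =
		purple_certificate_find_pool(x509_tls_cached.scheme_name,
		                             "tls_peers");

	/* The peer's certificate should be the first in the list */
	PurpleCertificate *peer_crt =
		(PurpleCertificate *) vrq->cert_chain->data;

	PurpleCertificate *cached_crt;
	GByteArray *peer_fpr, *cached_fpr;
	gboolean matched;

	/* Load up the cached certificate */
	cached_crt = purple_certificate_pool_retrieve(
		tls_peers, vrq->subject_name);
	if ( !cached_crt ) {
		purple_debug_warning("certificate/x509/tls_cached",
		                     "Lookup failed on cached certificate!\n"
		                     "Falling back to full verification.\n");
		/* vrq now becomes the problem of unknown_peer */
		x509_tls_cached_unknown_peer(vrq, flags);
		return;
	}

	/* Now get SHA1 sums for both and compare them */
	/* TODO: This is not an elegant way to compare certs */
	/* NOTE(review): the cache match rests on the SHA-1 fingerprint alone;
	   a stronger digest, if the certificate API offers one, would be a
	   better basis for this comparison. */
	peer_fpr = purple_certificate_get_fingerprint_sha1(peer_crt);
	cached_fpr = purple_certificate_get_fingerprint_sha1(cached_crt);

	/* Only a non-empty fingerprint of identical length and content counts
	   as a match. Checking the lengths first keeps memcmp inside both
	   buffers, and a missing or empty fingerprint falls through to full
	   verification instead of being treated as equal. */
	matched = peer_fpr != NULL && cached_fpr != NULL &&
		peer_fpr->len > 0 &&
		peer_fpr->len == cached_fpr->len &&
		memcmp(peer_fpr->data, cached_fpr->data, peer_fpr->len) == 0;

	if (matched) {
		purple_debug_info("certificate/x509/tls_cached",
		                  "Peer cert matched cached\n");
		x509_tls_cached_complete(vrq, flags);
	} else {
		purple_debug_error("certificate/x509/tls_cached",
		                   "Peer cert did NOT match cached\n");
		/* vrq now becomes the problem of the user */
		x509_tls_cached_unknown_peer(vrq, flags);
	}

	purple_certificate_destroy(cached_crt);
	if (peer_fpr != NULL) {
		g_byte_array_free(peer_fpr, TRUE);
	}
	if (cached_fpr != NULL) {
		g_byte_array_free(cached_fpr, TRUE);
	}
}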
1558
/*
 * Last step of the tls_cached verifier: check that the peer certificate was
 * issued for the name we asked for, then finish the request.
 *
 * x509_tls_cached_unknown_peer (below) calls this on several of its paths,
 * including the self-signed and failed-chain ones, so flags may already
 * carry problems found earlier. A name mismatch is added to those flags
 * rather than ending the request here; x509_tls_cached_complete receives the
 * combined set.
 */
static void
x509_tls_cached_check_subject_name(PurpleCertificateVerificationRequest *vrq,
                                   PurpleCertificateInvalidityFlags flags)
{
	/* The peer's own certificate is the first entry of the chain */
	PurpleCertificate *leaf = (PurpleCertificate *) vrq->cert_chain->data;
	gboolean name_ok =
		purple_certificate_check_subject_name(leaf, vrq->subject_name);

	if (!name_ok) {
		/* Fetched only for the log line below; released right after */
		gchar *cert_name = purple_certificate_get_subject_name(leaf);

		flags |= PURPLE_CERTIFICATE_NAME_MISMATCH;
		purple_debug_error("certificate/x509/tls_cached",
		                   "Name mismatch: Certificate given for %s "
		                   "has a name of %s\n",
		                   vrq->subject_name, cert_name);
		g_free(cert_name);
	}

	x509_tls_cached_complete(vrq, flags);
}
1588
1589 /* For when we've never communicated with this party before */
1590 /* TODO: Need ways to specify possibly multiple problems with a cert, or at
1591 least reprioritize them.
1592 */
1593 static void
1594 x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq,
1595 PurpleCertificateInvalidityFlags flags)
1596 {
1597 PurpleCertificatePool *ca;
1598 PurpleCertificate *peer_crt;
1599 PurpleCertificate *ca_crt, *end_crt;
1600 PurpleCertificate *failing_crt;
1601 GList *chain = vrq->cert_chain;
1602 GSList *ca_crts, *cur;
1603 GByteArray *last_fpr, *ca_fpr;
1604 gboolean valid = FALSE;
1605 gchar *ca_id, *ca2_id;
1606
1607 peer_crt = (PurpleCertificate *) chain->data;
1608
1609 /* TODO: Figure out a way to check for a bad signature, as opposed to
1610 "not self-signed" */
1611 if ( purple_certificate_signed_by(peer_crt, peer_crt) ) {
1612 flags |= PURPLE_CERTIFICATE_SELF_SIGNED;
1613
1614 purple_debug_info("certificate/x509/tls_cached",
1615 "Certificate for %s is self-signed.\n",
1616 vrq->subject_name);
1617
1618 x509_tls_cached_check_subject_name(vrq, flags);
1619 return;
1620 } /* if (self signed) */
1621
1622 ca = purple_certificate_find_pool(x509_tls_cached.scheme_name, "ca");
1623
1624 /* Next, check that the certificate chain is valid */
1625 if (!purple_certificate_check_signature_chain_with_failing(chain,
1626 &failing_crt))
1627 {
1628 gboolean chain_validated = FALSE;
1629 /*
1630 * Check if the failing certificate is in the CA store. If it is, then
1631 * consider this fully validated. This works around issues with some
1632 * prominent intermediate CAs whose signature is md5WithRSAEncryption.
1633 * I'm looking at CACert Class 3 here. See #4458 for details.
1634 */
1635 if (ca) {
1636 gchar *uid = purple_certificate_get_unique_id(failing_crt);
1637 PurpleCertificate *ca_crt = purple_certificate_pool_retrieve(ca, uid);
1638 if (ca_crt != NULL) {
1639 GByteArray *failing_fpr;
1640 GByteArray *ca_fpr;
1641 failing_fpr = purple_certificate_get_fingerprint_sha1(failing_crt);
1642 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt);
1643 if (byte_arrays_equal(failing_fpr, ca_fpr)) {
1644 purple_debug_info("certificate/x509/tls_cached",
1645 "Full chain verification failed (probably a bad "
1646 "signature algorithm), but found the last "
1647 "certificate %s in the CA pool.\n", uid);
1648 chain_validated = TRUE;
1649 }
1650
1651 g_byte_array_free(failing_fpr, TRUE);
1652 g_byte_array_free(ca_fpr, TRUE);
1653 }
1654
1655 purple_certificate_destroy(ca_crt);
1656 g_free(uid);
1657 }
1658
1659 /*
1660 * If we get here, either the cert matched the stuff right above
1661 * or it didn't, in which case we give up and complain to the user.
1662 */
1663 if (!chain_validated)
1664 /* TODO: Tell the user where the chain broke? */
1665 flags |= PURPLE_CERTIFICATE_INVALID_CHAIN;
1666
1667 x509_tls_cached_check_subject_name(vrq, flags);
1668 return;
1669 } /* if (signature chain not good) */
1670
1671 /* Next, attempt to verify the last certificate is signed by a trusted
1672 * CA, or is a trusted CA (based on fingerprint).
1673 */
1674 /* If, for whatever reason, there is no Certificate Authority pool
1675 loaded, we'll verify the subject name and then warn about this. */
1676 if ( !ca ) {
1677 purple_debug_error("certificate/x509/tls_cached",
1678 "No X.509 Certificate Authority pool "
1679 "could be found!\n");
1680
1681 flags |= PURPLE_CERTIFICATE_NO_CA_POOL;
1682
1683 x509_tls_cached_check_subject_name(vrq, flags);
1684 return;
1685 }
1686
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1687 end_crt = g_list_last(chain)->data;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1688
31172
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1689 /* Attempt to look up the last certificate, and the last certificate's
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1690 * issuer.
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1691 */
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1692 ca_id = purple_certificate_get_issuer_unique_id(end_crt);
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1693 ca2_id = purple_certificate_get_unique_id(end_crt);
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1694 purple_debug_info("certificate/x509/tls_cached",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1695 "Checking for a CA with DN=%s\n",
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1696 ca_id);
31172
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1697 purple_debug_info("certificate/x509/tls_cached",
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1698 "Also checking for a CA with DN=%s\n",
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1699 ca2_id);
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1700 ca_crts = g_slist_concat(x509_ca_get_certs(ca_id), x509_ca_get_certs(ca2_id));
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1701 g_free(ca_id);
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1702 g_free(ca2_id);
30960
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1703 if ( NULL == ca_crts ) {
28051
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1704 flags |= PURPLE_CERTIFICATE_CA_UNKNOWN;
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1705
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1706 purple_debug_warning("certificate/x509/tls_cached",
31172
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1707 "No Certificate Authorities with either DN found "
e89df17f5ae7 certificate: Better validation of chains which have an intermediate signed w/ MD5.
Paul Aurich <paul@darkrain42.org>
parents: 31171
diff changeset
1708 "found. I'll prompt the user, I guess.\n");
28051
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1709
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1710 x509_tls_cached_check_subject_name(vrq, flags);
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1711 return;
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1712 }
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1713
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1714 /*
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1715 * Check the fingerprints; if they match, then this certificate *is* one
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1716 * of the designated "trusted roots", and we don't need to verify the
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1717 * signature. This is good because some of the older roots are self-signed
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1718 * with bad hash algorithms that we don't want to allow in any other
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1719 * circumstances (one of Verisign's root CAs is self-signed with MD2).
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1720 *
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1721 * If the fingerprints don't match, we'll fall back to checking the
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1722 * signature.
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1723 */
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1724 last_fpr = purple_certificate_get_fingerprint_sha1(end_crt);
30960
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1725 for (cur = ca_crts; cur; cur = cur->next) {
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1726 ca_crt = cur->data;
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1727 ca_fpr = purple_certificate_get_fingerprint_sha1(ca_crt);
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1728
30960
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1729 if ( byte_arrays_equal(last_fpr, ca_fpr) ||
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1730 purple_certificate_signed_by(end_crt, ca_crt) )
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1731 {
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1732 /* TODO: If signed_by ever returns a reason, maybe mention
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1733 that, too. */
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1734 /* TODO: Also mention the CA involved. While I could do this
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1735 now, a full DN is a little much with which to assault the
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1736 user's poor, leaky eyes. */
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1737 valid = TRUE;
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1738 g_byte_array_free(ca_fpr, TRUE);
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1739 break;
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1740 }
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1741
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1742 g_byte_array_free(ca_fpr, TRUE);
28051
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1743 }
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1744
30960
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1745 if (valid == FALSE)
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1746 flags |= PURPLE_CERTIFICATE_INVALID_CHAIN;
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1747
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1748 g_slist_foreach(ca_crts, (GFunc)purple_certificate_destroy, NULL);
27c56e6b5fa6 Our certificate code is generally designed around no two CA
Stu Tomlinson <stu@nosnilmot.com>
parents: 30573
diff changeset
1749 g_slist_free(ca_crts);
27734
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1750 g_byte_array_free(last_fpr, TRUE);
d0654dea0575 certs: Clean up the code a little, since I made it hard to follow.
Paul Aurich <paul@darkrain42.org>
parents: 27671
diff changeset
1751
28051
b341ae89f5ce certs: Allow for dealing with multiple things wrong with a cert.
Paul Aurich <paul@darkrain42.org>
parents: 27982
diff changeset
1752 x509_tls_cached_check_subject_name(vrq, flags);
19085
1bd9557f866e In tls_cached Verifier:
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19084
diff changeset
1753 }
/**
 * Start-of-verification callback for the x509/tls_cached verifier.
 *
 * Checks the validity window of the first certificate in the chain and
 * records any problem in an invalidity bitmask.  The request is then handed
 * to x509_tls_cached_cert_in_cache() when the subject name is present in the
 * "tls_peers" pool, and to x509_tls_cached_unknown_peer() otherwise (also
 * when the pool itself cannot be found).  A validity problem never ends the
 * flow here; it only travels along in the flags argument.
 *
 * @param vrq Verification request to process; must not be NULL.
 */
static void
x509_tls_cached_start_verify(PurpleCertificateVerificationRequest *vrq)
{
	const gchar *cache_name = "tls_peers"; /* Name of the local peer cache */
	PurpleCertificateInvalidityFlags flags = PURPLE_CERTIFICATE_NO_PROBLEMS;
	PurpleCertificatePool *peer_cache;
	time_t current_time;
	time_t not_before;
	time_t not_after;
	gboolean have_times;

	g_return_if_fail(vrq);

	purple_debug_info("certificate/x509/tls_cached",
		"Starting verify for %s\n",
		vrq->subject_name);

	/*
	 * Validity window of the first (main) certificate.  It is flagged only
	 * when the current time lies strictly outside [not_before, not_after].
	 *
	 * NOTE(review): vrq->cert_chain is dereferenced without a NULL check;
	 * presumably callers always supply a non-empty chain -- confirm.
	 */
	current_time = time(NULL);
	have_times = purple_certificate_get_times(vrq->cert_chain->data,
		&not_before, &not_after);

	if (!have_times) {
		/* Fail closed: an unreadable validity window is reported as both
		 * expired and not yet activated. */
		flags |= PURPLE_CERTIFICATE_EXPIRED | PURPLE_CERTIFICATE_NOT_ACTIVATED;
		purple_debug_error("certificate/x509/tls_cached",
			"Failed to get validity times for certificate %s\n",
			vrq->subject_name);
	} else if (current_time > not_after) {
		flags |= PURPLE_CERTIFICATE_EXPIRED;
		/* ctime() output already ends in '\n', so this log line carries two. */
		purple_debug_error("certificate/x509/tls_cached",
			"Certificate %s expired at %s\n",
			vrq->subject_name, ctime(&not_after));
	} else if (current_time < not_before) {
		flags |= PURPLE_CERTIFICATE_NOT_ACTIVATED;
		purple_debug_error("certificate/x509/tls_cached",
			"Certificate %s is not yet valid, will be at %s\n",
			vrq->subject_name, ctime(&not_before));
	}

	peer_cache = purple_certificate_find_pool(x509_tls_cached.scheme_name,
		cache_name);

	if (!peer_cache) {
		purple_debug_error("certificate/x509/tls_cached",
			"Couldn't find local peers cache %s\n",
			cache_name);

		/* Without a cache the peer is treated as unknown; vrq now belongs
		 * to unknown_peer. */
		x509_tls_cached_unknown_peer(vrq, flags);
		return;
	}

	/* The cache lookup is keyed by subject name only.  Whether the presented
	 * certificate matches the cached one is presumably decided in
	 * cert_in_cache -- not visible from this function. */
	purple_debug_info("certificate/x509/tls_cached",
		"Checking for cached cert...\n");

	if (!purple_certificate_pool_contains(peer_cache, vrq->subject_name)) {
		purple_debug_warning("certificate/x509/tls_cached",
			"...Not in cache\n");
		/* vrq now belongs to unknown_peer */
		x509_tls_cached_unknown_peer(vrq, flags);
		return;
	}

	purple_debug_info("certificate/x509/tls_cached",
		"...Found cached cert\n");
	/* vrq now belongs to cert_in_cache */
	x509_tls_cached_cert_in_cache(vrq, flags);
}
/**
 * Request-cleanup callback for the x509/tls_cached verifier.
 *
 * The body releases nothing; it only checks that a request was passed.
 *
 * @param vrq Verification request being torn down; must not be NULL.
 */
static void
x509_tls_cached_destroy_request(PurpleCertificateVerificationRequest *vrq)
{
	/* No per-request state is freed by this function. */
	g_return_if_fail(vrq);
}
/*
 * Verifier descriptor for the "x509" scheme under the name "tls_cached".
 * The initializer is positional, so the order of the entries must follow
 * the field order of PurpleCertificateVerifier.
 */
static PurpleCertificateVerifier x509_tls_cached = {
	"x509",                          /* Scheme name */
	"tls_cached",                    /* Verifier name */
	x509_tls_cached_start_verify,    /* Called to begin a verification */
	x509_tls_cached_destroy_request, /* Called to clean up a request */

	/* Remaining four slots are left NULL (presumably the reserved fields). */
	NULL,
	NULL,
	NULL,
	NULL
};
1841 /****************************************************************************/
1842 /* Subsystem */
1843 /****************************************************************************/
/**
 * Initializes the certificate subsystem by registering the built-in
 * verifiers and pools defined in this file.
 *
 * Registration order is kept as written: the single-use verifier, the CA
 * pool, the tls_peers pool, and finally the tls_cached verifier (which looks
 * up the "tls_peers" pool when it verifies a request).
 */
void
purple_certificate_init(void)
{
	/* Built-in verifier that does not consult any pool here. */
	purple_certificate_register_verifier(&x509_singleuse);

	/* Built-in pools: CA certificates and cached peer certificates. */
	purple_certificate_register_pool(&x509_ca);
	purple_certificate_register_pool(&x509_tls_peers);

	/* Built-in verifier backed by the pools registered above. */
	purple_certificate_register_verifier(&x509_tls_cached);
}
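/**
 * Shuts down the certificate subsystem by unregistering every verifier in
 * cert_verifiers and every pool in cert_pools.
 *
 * Each list is walked with an explicit loop that calls the unregister
 * function directly.  Going through g_list_foreach() with a (GFunc) cast
 * would invoke a one-argument function through a two-argument function
 * pointer type, which ISO C leaves undefined; the visit order and the
 * arguments passed are otherwise the same.
 */
void
purple_certificate_uninit(void)
{
	GList *node;
	GList *following;

	/* Unregister all Verifiers.  The successor is read before each call
	 * because unregistering presumably unlinks the node from cert_verifiers
	 * -- confirm against purple_certificate_unregister_verifier(). */
	for (node = cert_verifiers; node != NULL; node = following) {
		following = node->next;
		purple_certificate_unregister_verifier(node->data);
	}

	/* Unregister all Pools, with the same precaution for cert_pools. */
	for (node = cert_pools; node != NULL; node = following) {
		following = node->next;
		purple_certificate_unregister_pool(node->data);
	}
}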
/**
 * Returns the handle that identifies the certificate subsystem.
 *
 * The handle is the address of a function-local static, so every call
 * returns the same non-NULL pointer for the lifetime of the program.
 *
 * @return Opaque pointer; only its address is meaningful.
 */
gpointer
purple_certificate_get_handle(void)
{
	/* Never read or written here; it exists only to provide an address. */
	static gint handle_anchor;

	return &handle_anchor;
}
/*
 * Look up a registered certificate scheme by name.
 *
 * name: scheme name to search for; must not be NULL. The comparison is
 *       ASCII case-insensitive.
 *
 * Returns the matching entry from cert_schemes (not a copy), or NULL when
 * name is NULL or nothing matches. A miss is logged as a warning.
 */
PurpleCertificateScheme *
purple_certificate_find_scheme(const gchar *name)
{
	GList *node;

	g_return_val_if_fail(name, NULL);

	/* Walk the registry until an entry with this name turns up */
	node = cert_schemes;
	while (node != NULL) {
		PurpleCertificateScheme *candidate = node->data;

		if (g_ascii_strcasecmp(candidate->name, name) == 0) {
			return candidate;
		}

		node = node->next;
	}

	/* Fell off the end of the list: no such scheme */
	purple_debug_warning("certificate",
			     "CertificateScheme %s requested but not found.\n",
			     name);

	/* TODO: Signalling and such? */

	return NULL;
}
/*
 * Return the list of registered certificate schemes.
 *
 * This is the registry's own list head, not a copy: changes made through
 * the returned pointer act on the live registry.
 */
GList *
purple_certificate_get_schemes(void)
{
	GList *registered = cert_schemes;

	return registered;
}
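/*
 * Add a certificate scheme to the registry.
 *
 * scheme: the scheme to register; must not be NULL and must carry a name.
 *         The pointer itself is stored, so the caller keeps ownership and
 *         must keep the object alive while it is registered.
 *
 * Returns TRUE when the scheme was added, FALSE when the argument is
 * invalid or a scheme with the same (case-insensitive) name already exists.
 */
gboolean
purple_certificate_register_scheme(PurpleCertificateScheme *scheme)
{
	g_return_val_if_fail(scheme != NULL, FALSE);
	/* Reject a nameless scheme. purple_certificate_find_scheme() returns
	 * NULL for a NULL query, so the duplicate check below would let any
	 * number of nameless schemes in, and every later lookup would pass
	 * their NULL name to g_ascii_strcasecmp().
	 * purple_certificate_register_pool() validates its name fields in the
	 * same way. */
	g_return_val_if_fail(scheme->name != NULL, FALSE);

	/* Make sure no scheme is registered with the same name */
	if (purple_certificate_find_scheme(scheme->name) != NULL) {
		return FALSE;
	}

	/* Okay, we're golden. Register it. */
	cert_schemes = g_list_prepend(cert_schemes, scheme);

	/* TODO: Signalling and such? */

	purple_debug_info("certificate",
			  "CertificateScheme %s registered\n",
			  scheme->name);

	return TRUE;
}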
/*
 * Remove a certificate scheme from the registry.
 *
 * scheme: the scheme to remove. NULL is logged as a warning and rejected.
 *
 * Returns FALSE for a NULL argument and TRUE otherwise. The result does not
 * say whether the scheme was actually present in the list. Verifiers and
 * pools registered under this scheme's name are left in place.
 */
gboolean
purple_certificate_unregister_scheme(PurpleCertificateScheme *scheme)
{
	if (scheme != NULL) {
		/* TODO: signalling? */

		/* TODO: unregister all CertificateVerifiers for this scheme?*/
		/* TODO: unregister all CertificatePools for this scheme? */
		/* Neither of the above should be necessary, though */
		cert_schemes = g_list_remove(cert_schemes, scheme);

		/* Only the list node is dropped; the scheme object is still
		 * readable for the log line */
		purple_debug_info("certificate",
				  "CertificateScheme %s unregistered\n",
				  scheme->name);

		return TRUE;
	}

	purple_debug_warning("certificate",
			     "Attempting to unregister NULL scheme\n");
	return FALSE;
}
/*
 * Look up a registered certificate verifier by scheme name and verifier
 * name.
 *
 * scheme_name: scheme the verifier belongs to; must not be NULL.
 * ver_name:    name of the verifier; must not be NULL.
 *
 * Both comparisons are ASCII case-insensitive. Returns the matching entry
 * from cert_verifiers (not a copy), or NULL when an argument is NULL or
 * nothing matches. A miss is logged as a warning.
 */
PurpleCertificateVerifier *
purple_certificate_find_verifier(const gchar *scheme_name, const gchar *ver_name)
{
	GList *node;

	g_return_val_if_fail(scheme_name, NULL);
	g_return_val_if_fail(ver_name, NULL);

	/* Scan the registry for an entry matching both names */
	node = cert_verifiers;
	while (node != NULL) {
		PurpleCertificateVerifier *candidate = node->data;

		if (g_ascii_strcasecmp(candidate->scheme_name, scheme_name) == 0 &&
		    g_ascii_strcasecmp(candidate->name, ver_name) == 0) {
			return candidate;
		}

		node = node->next;
	}

	/* No verifier registered under that scheme/name pair */
	purple_debug_warning("certificate",
			     "CertificateVerifier %s, %s requested but not found.\n",
			     scheme_name, ver_name);

	/* TODO: Signalling and such? */

	return NULL;
}
/*
 * Return the list of registered certificate verifiers.
 *
 * This is the registry's own list head, not a copy: changes made through
 * the returned pointer act on the live registry.
 */
GList *
purple_certificate_get_verifiers(void)
{
	GList *registered = cert_verifiers;

	return registered;
}
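/*
 * Add a certificate verifier to the registry.
 *
 * vr: the verifier to register; must not be NULL and must carry both a
 *     scheme name and a verifier name. The pointer itself is stored, so
 *     the caller keeps ownership and must keep the object alive while it
 *     is registered.
 *
 * Returns TRUE when the verifier was added, FALSE when the argument is
 * invalid or a verifier with the same (case-insensitive) scheme/name pair
 * already exists.
 */
gboolean
purple_certificate_register_verifier(PurpleCertificateVerifier *vr)
{
	g_return_val_if_fail(vr != NULL, FALSE);
	/* Reject a verifier with a missing name field.
	 * purple_certificate_find_verifier() returns NULL for a NULL query, so
	 * the duplicate check below would accept such an entry, and every later
	 * lookup would pass its NULL field to g_ascii_strcasecmp().
	 * purple_certificate_register_pool() validates its name fields in the
	 * same way. */
	g_return_val_if_fail(vr->scheme_name != NULL, FALSE);
	g_return_val_if_fail(vr->name != NULL, FALSE);

	/* Make sure no verifier is registered with the same scheme/name */
	if (purple_certificate_find_verifier(vr->scheme_name, vr->name) != NULL) {
		return FALSE;
	}

	/* Okay, we're golden. Register it. */
	cert_verifiers = g_list_prepend(cert_verifiers, vr);

	/* TODO: Signalling and such? */

	purple_debug_info("certificate",
			  "CertificateVerifier %s registered\n",
			  vr->name);
	return TRUE;
}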
/*
 * Remove a certificate verifier from the registry.
 *
 * vr: the verifier to remove. NULL is logged as a warning and rejected.
 *
 * Returns FALSE for a NULL argument and TRUE otherwise. The result does not
 * say whether the verifier was actually present in the list.
 */
gboolean
purple_certificate_unregister_verifier(PurpleCertificateVerifier *vr)
{
	if (vr != NULL) {
		/* TODO: signalling? */

		cert_verifiers = g_list_remove(cert_verifiers, vr);

		/* Only the list node is dropped; the verifier object is still
		 * readable for the log line */
		purple_debug_info("certificate",
				  "CertificateVerifier %s unregistered\n",
				  vr->name);

		return TRUE;
	}

	purple_debug_warning("certificate",
			     "Attempting to unregister NULL verifier\n");
	return FALSE;
}
/*
 * Look up a registered certificate pool by scheme name and pool name.
 *
 * scheme_name: scheme the pool belongs to; must not be NULL.
 * pool_name:   name of the pool; must not be NULL.
 *
 * Both comparisons are ASCII case-insensitive. Returns the matching entry
 * from cert_pools (not a copy), or NULL when an argument is NULL or nothing
 * matches. A miss is logged as a warning.
 */
PurpleCertificatePool *
purple_certificate_find_pool(const gchar *scheme_name, const gchar *pool_name)
{
	PurpleCertificatePool *candidate;
	GList *node;

	g_return_val_if_fail(scheme_name, NULL);
	g_return_val_if_fail(pool_name, NULL);

	/* Scan the registry, skipping entries as soon as one name differs */
	for (node = cert_pools; node != NULL; node = node->next) {
		candidate = node->data;

		if (g_ascii_strcasecmp(candidate->scheme_name, scheme_name) != 0) {
			continue;
		}
		if (g_ascii_strcasecmp(candidate->name, pool_name) != 0) {
			continue;
		}

		return candidate;
	}

	/* No pool registered under that scheme/name pair */
	purple_debug_warning("certificate",
			     "CertificatePool %s, %s requested but not found.\n",
			     scheme_name, pool_name);

	/* TODO: Signalling and such? */

	return NULL;
}
/*
 * Return the list of registered certificate pools.
 *
 * This is the registry's own list head, not a copy: changes made through
 * the returned pointer act on the live registry.
 */
GList *
purple_certificate_get_pools(void)
{
	GList *registered = cert_pools;

	return registered;
}
/**
 * Register a certificate pool and set up the signals it emits.
 *
 * The pool must carry a scheme_name, a name and a fullname. Registration is
 * refused when purple_certificate_find_pool() already finds a pool under the
 * same scheme_name/name pair, so an existing pool cannot be shadowed by a
 * later registrant using the same identity. If the pool has an init hook it
 * is run first, and a failing hook aborts the registration before anything
 * is added to cert_pools.
 *
 * The pointer itself is stored in cert_pools (no copy is made), so the
 * caller has to keep the structure alive while it is registered.
 *
 * @param pool Pool to register.
 * @return TRUE once the pool is registered; FALSE on a missing field, a
 *         name collision or a failed init hook.
 */
gboolean
purple_certificate_register_pool(PurpleCertificatePool *pool)
{
	/* Signals every pool emits; both use the same (pool, string) signature */
	static const char *const pool_signals[] = {
		"certificate-stored",
		"certificate-deleted"
	};
	gsize i;

	g_return_val_if_fail(pool, FALSE);
	g_return_val_if_fail(pool->scheme_name, FALSE);
	g_return_val_if_fail(pool->name, FALSE);
	g_return_val_if_fail(pool->fullname, FALSE);

	/* Refuse a second pool under an already-taken scheme/name pair */
	if (purple_certificate_find_pool(pool->scheme_name, pool->name) != NULL)
		return FALSE;

	/* The init hook is optional; when present it must succeed */
	if (pool->init != NULL && !pool->init())
		return FALSE;

	/* Newest pool goes to the front of the list */
	cert_pools = g_list_prepend(cert_pools, pool);

	/* TODO: Emit a signal that the pool got registered */

	PURPLE_DBUS_REGISTER_POINTER(pool, PurpleCertificatePool);

	for (i = 0; i < G_N_ELEMENTS(pool_signals); i++) {
		purple_signal_register(pool, /* the pool is the emitting instance */
				       pool_signals[i],
				       purple_marshal_VOID__POINTER_POINTER,
				       NULL, /* handlers return nothing */
				       2,    /* pool subtype + string */
				       purple_value_new(PURPLE_TYPE_SUBTYPE,
							PURPLE_SUBTYPE_CERTIFICATEPOOL),
				       purple_value_new(PURPLE_TYPE_STRING));
	}

	purple_debug_info("certificate",
			  "CertificatePool %s registered\n",
			  pool->name);

	return TRUE;
}
/**
 * Unregister a certificate pool that was added with
 * purple_certificate_register_pool().
 *
 * A NULL pool, or one that is not in cert_pools, is rejected with a debug
 * warning. Otherwise the pool's D-Bus pointer registration is dropped, its
 * optional uninit hook is run, it is removed from cert_pools and its two
 * signals are unregistered. The pool structure itself is not freed here.
 *
 * @param pool Pool to unregister.
 * @return TRUE if the pool was registered and has been removed, FALSE
 *         otherwise.
 */
gboolean
purple_certificate_unregister_pool(PurpleCertificatePool *pool)
{
	/* Same signal names that registration set up, in the same order */
	static const char *const pool_signals[] = {
		"certificate-stored",
		"certificate-deleted"
	};
	gsize i;

	if (pool == NULL) {
		purple_debug_warning("certificate",
				     "Attempting to unregister NULL pool\n");
		return FALSE;
	}

	/* Only a pool that is actually in the list may be torn down */
	if (g_list_find(cert_pools, pool) == NULL) {
		purple_debug_warning("certificate",
				     "Pool to unregister isn't registered!\n");

		return FALSE;
	}

	/* Drop the D-Bus registration before the pool shuts itself down */
	PURPLE_DBUS_UNREGISTER_POINTER(pool);

	/* The uninit hook is optional */
	if (pool->uninit != NULL)
		pool->uninit();

	cert_pools = g_list_remove(cert_pools, pool);

	/* TODO: Signalling? */
	for (i = 0; i < G_N_ELEMENTS(pool_signals); i++)
		purple_signal_unregister(pool, pool_signals[i]);

	purple_debug_info("certificate",
			  "CertificatePool %s unregistered\n",
			  pool->name);
	return TRUE;
}
2152 /****************************************************************************/
2153 /* Scheme-specific functions */
2154 /****************************************************************************/
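/**
 * Show a notification dialog summarising an X.509 certificate: subject
 * common name, SHA1 fingerprint, activation date and expiration date.
 *
 * Any field that cannot be obtained is shown as "(null)" so the dialog never
 * presents a made-up value. In particular, when the validity times cannot be
 * read, the dates are shown as "(null)" rather than as the epoch, which a
 * user could mistake for a real validity window.
 *
 * NOTE(review): the fingerprint shown is SHA-1, which is no longer collision
 * resistant; if users compare it by hand to decide on trust, a stronger
 * digest would be preferable where the scheme offers one.
 *
 * @param crt Certificate to display; a NULL certificate is rejected.
 */
void
purple_certificate_display_x509(PurpleCertificate *crt)
{
	gchar *sha_asc = NULL;
	GByteArray *sha_bin;
	gchar *cn;
	time_t activation, expiration;
	gchar *activ_str, *expir_str;
	gchar *secondary;

	g_return_if_fail(crt);

	/* Pull out the SHA1 checksum and hex-encode it for display. The
	 * fingerprint lookup is checked before it is dereferenced so a failed
	 * lookup degrades to "(null)" instead of a NULL dereference. */
	sha_bin = purple_certificate_get_fingerprint_sha1(crt);
	if (sha_bin != NULL) {
		sha_asc = purple_base16_encode_chunked(sha_bin->data,
						       sha_bin->len);
	} else {
		purple_debug_error("certificate",
				   "Failed to get certificate fingerprint!\n");
	}

	/* Get the cert Common Name */
	/* TODO: Will break on CA certs */
	cn = purple_certificate_get_subject_name(crt);

	/* Get the certificate times */
	/* TODO: Check the times against localtime */
	if (purple_certificate_get_times(crt, &activation, &expiration)) {
		/* ctime() returns a pointer to a static buffer (or NULL), so
		 * each result is copied before the next call. Its text ends
		 * with a newline of its own. */
		activ_str = g_strdup(ctime(&activation));
		expir_str = g_strdup(ctime(&expiration));
	} else {
		purple_debug_error("certificate",
				   "Failed to get certificate times!\n");
		/* Unknown dates are reported as unknown, not as time 0 */
		activ_str = NULL;
		expir_str = NULL;
	}

	/* Make messages */
	secondary = g_strdup_printf(_("Common name: %s\n\n"
				      "Fingerprint (SHA1): %s\n\n"
				      "Activation date: %s\n"
				      "Expiration date: %s\n"),
				    cn ? cn : "(null)",
				    sha_asc ? sha_asc : "(null)",
				    activ_str ? activ_str : "(null)",
				    expir_str ? expir_str : "(null)");

	/* Make a semi-pretty display */
	purple_notify_info(
		NULL,         /* TODO: Find what the handle ought to be */
		_("Certificate Information"),
		"",
		secondary);

	/* Cleanup; g_free() accepts NULL, g_byte_array_free() does not */
	g_free(cn);
	g_free(secondary);
	g_free(sha_asc);
	g_free(activ_str);
	g_free(expir_str);
	if (sha_bin != NULL)
		g_byte_array_free(sha_bin, TRUE);
}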
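/**
 * Add a path to the x509_ca_paths list unless an identical string is already
 * present.
 *
 * Duplicates are detected with a byte-wise strcmp(), so two different
 * spellings of the same directory (trailing slash, symlink, relative form)
 * are treated as distinct entries. The list stores its own copy of the
 * string.
 *
 * NOTE(review): presumably these are the directories the x509 CA pool reads
 * trusted root certificates from; if so, callers should pass only locations
 * that untrusted users cannot write to. Confirm against the pool's init code.
 *
 * @param path Path to add; a NULL path is rejected, since strcmp() on it
 *             would be undefined behaviour.
 */
void purple_certificate_add_ca_search_path(const char *path)
{
	g_return_if_fail(path != NULL);

	if (g_list_find_custom(x509_ca_paths, path, (GCompareFunc)strcmp))
		return;
	x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(path));
}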