annotate libpurple/plugins/ssl/ssl-nss.c @ 29659:df9de37e0274

gnutls/nss: Don't call the handshake functions synchronously. Fixes #11525. If the handshake callbacks are called synchronously and they fail (e.g. passing GnuTLS a bad priority string or doing voodoo with NSS, see #11524 for details), the error_cb is called and the gsc destroyed, but this happens /before/ the assignment to, e.g., js->gsc happens (see jabber.c:tls_init). Thus, js->gsc is assigned a (now invalid) pointer and jabber_close tries to free it (again).
author Paul Aurich <paul@darkrain42.org>
date Thu, 01 Apr 2010 05:26:44 +0000
parents c35fd54ec64b
children fc4bacb35cbc
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1 /**
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
2 * @file ssl-nss.c Mozilla NSS SSL plugin.
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
3 *
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
4 * purple
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
5 *
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
6 * Copyright (C) 2003 Christian Hammond <chipx86@gnupdate.org>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
7 *
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
8 * This program is free software; you can redistribute it and/or modify
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
9 * it under the terms of the GNU General Public License as published by
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
10 * the Free Software Foundation; either version 2 of the License, or
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
11 * (at your option) any later version.
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
12 *
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
13 * This program is distributed in the hope that it will be useful,
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
16 * GNU General Public License for more details.
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
17 *
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
18 * You should have received a copy of the GNU General Public License
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
19 * along with this program; if not, write to the Free Software
19681
44b4e8bd759b The FSF changed its address a while ago; our files were out of date.
John Bailey <rekkanoryo@rekkanoryo.org>
parents: 19670
diff changeset
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
21 */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
22 #include "internal.h"
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
23 #include "debug.h"
19068
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
24 #include "certificate.h"
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
25 #include "plugin.h"
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
26 #include "sslconn.h"
19990
47f2becb7a60 - Make ssl-nss x509_export_certificate work
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19989
diff changeset
27 #include "util.h"
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
28 #include "version.h"
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
29
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
30 #define SSL_NSS_PLUGIN_ID "ssl-nss"
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
31
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
32 #undef HAVE_LONG_LONG /* Make Mozilla less angry. If angry, Mozilla SMASH! */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
33
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
34 #include <nspr.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
35 #include <nss.h>
19990
47f2becb7a60 - Make ssl-nss x509_export_certificate work
William Ehlhardt <williamehlhardt@gmail.com>
parents: 19989
diff changeset
36 #include <nssb64.h>
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
37 #include <pk11func.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
38 #include <prio.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
39 #include <secerr.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
40 #include <secmod.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
41 #include <ssl.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
42 #include <sslerr.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
43 #include <sslproto.h>
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
44
17566
016eee704a96 Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <stu@nosnilmot.com>
parents: 17514
diff changeset
45 /* This is defined in NSPR's <private/pprio.h>, but to avoid including a
016eee704a96 Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <stu@nosnilmot.com>
parents: 17514
diff changeset
46 * private header we duplicate the prototype here */
016eee704a96 Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <stu@nosnilmot.com>
parents: 17514
diff changeset
47 NSPR_API(PRFileDesc*) PR_ImportTCPSocket(PRInt32 osfd);
016eee704a96 Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <stu@nosnilmot.com>
parents: 17514
diff changeset
48
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
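/*
 * State kept by the NSS backend for one SSL connection.  It is reached
 * through the connection's private_data pointer (see PURPLE_SSL_NSS_DATA).
 * How the fields are filled in is outside this part of the file, so the
 * field notes below are hedged.
 */
typedef struct
{
	PRFileDesc *fd;           /* NSPR descriptor; presumably the imported TCP socket -- confirm */
	PRFileDesc *in;           /* NSPR descriptor; presumably the SSL layer used for I/O -- confirm */
	guint handshake_handler;  /* presumably an event-source id for the handshake watcher -- confirm */
	/*
	 * Added in changeset df9de37e0274 ("Don't call the handshake functions
	 * synchronously").  Presumably the id of the deferred handshake call, so
	 * that a handshake failure cannot destroy the connection before the
	 * caller has stored its pointer -- confirm against the code that sets it.
	 */
	guint handshake_timer;
} PurpleSslNssData;

/*
 * Fetch the backend data of a connection.  The argument is parenthesised so
 * that an expression such as PURPLE_SSL_NSS_DATA(a ? b : c) binds as intended.
 */
#define PURPLE_SSL_NSS_DATA(gsc) ((PurpleSslNssData *)(gsc)->private_data)

/* Both are assigned in ssl_nss_init_nss(). */
static const PRIOMethods *_nss_methods = NULL;
static PRDescIdentity _identity;
/* Forward (tentative) definition; the initialised definition is not in this excerpt. */
static PurpleCertificateScheme x509_nss;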
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
62
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
/*
 * Translate an NSPR error code into a POSIX errno value and store it in
 * errno.  Any code without an entry in the table, PR_IO_ERROR included,
 * becomes EIO.  (The original author credits Evolution for the approach.)
 */
static void
set_errno(int code)
{
	/* FIXME: this should handle more. */
	static const struct {
		int nspr_code;
		int posix_errno;
	} error_map[] = {
		{ PR_INVALID_ARGUMENT_ERROR,    EINVAL       },
		{ PR_PENDING_INTERRUPT_ERROR,   EINTR        },
		{ PR_IO_PENDING_ERROR,          EAGAIN       },
		/* EAGAIN is used here rather than EWOULDBLOCK. */
		{ PR_WOULD_BLOCK_ERROR,         EAGAIN       },
		{ PR_IN_PROGRESS_ERROR,         EINPROGRESS  },
		{ PR_ALREADY_INITIATED_ERROR,   EALREADY     },
		{ PR_NETWORK_UNREACHABLE_ERROR, EHOSTUNREACH },
		{ PR_CONNECT_REFUSED_ERROR,     ECONNREFUSED },
		{ PR_CONNECT_TIMEOUT_ERROR,     ETIMEDOUT    },
		{ PR_IO_TIMEOUT_ERROR,          ETIMEDOUT    },
		{ PR_NOT_CONNECTED_ERROR,       ENOTCONN     },
		{ PR_CONNECT_RESET_ERROR,       ECONNRESET   },
	};
	unsigned int i;

	for (i = 0; i < sizeof(error_map) / sizeof(error_map[0]); i++) {
		if (error_map[i].nspr_code == code) {
			errno = error_map[i].posix_errno;
			return;
		}
	}

	/* PR_IO_ERROR and every unlisted code. */
	errno = EIO;
}
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
110
22007
c38d72677c8a Probe for -Wstrict-prototypes to get some more warnings. I then cleaned up
Richard Laager <rlaager@wiktel.com>
parents: 21030
diff changeset
/*
 * Return a newly allocated, NUL-terminated copy of the current NSPR error
 * text, or NULL when NSPR reports no text (length <= 0).  The buffer comes
 * from g_malloc(), so the caller releases it with g_free().
 */
static gchar *get_error_text(void)
{
	PRInt32 text_len = PR_GetErrorTextLength();
	gchar *text;

	if (text_len <= 0)
		return NULL;

	/* One extra byte for the terminator written below. */
	text = g_malloc(text_len + 1);

	/*
	 * The terminator goes at the count PR_GetErrorText() returns.
	 * NOTE(review): this relies on that count never exceeding the length
	 * reported by PR_GetErrorTextLength() above -- confirm.
	 */
	text_len = PR_GetErrorText(text);
	text[text_len] = '\0';

	return text;
}
fb3b3e93b9ca Attempt to display user readable error messages for NSS.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19649
diff changeset
124
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
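/*
 * Set up NSPR and NSS for this plugin: initialise NSPR, initialise NSS
 * without a certificate/key database, load the built-in root certificate
 * module (nssckbi), apply the domestic cipher policy, enable a set of cipher
 * suites by default, and record the NSPR identity and default I/O methods in
 * the file-scope variables _identity and _nss_methods.
 *
 * The function returns nothing, so failures of NSS_NoDB_Init() and
 * SECMOD_AddNewModule() are written to the debug log instead of being
 * dropped silently.
 */
static void
ssl_nss_init_nss(void)
{
	char *lib;

	PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);

	if (NSS_NoDB_Init(".") != SECSuccess)
		purple_debug_error("nss", "NSS_NoDB_Init failed (NSPR error %d)\n",
		                   (int)PR_GetError());

	/* TODO: Fix this so autoconf does the work trying to find this lib. */
#ifndef _WIN32
	lib = g_strdup(LIBDIR "/libnssckbi.so");
#else
	/*
	 * NOTE(review): the module is named without a directory here, so it is
	 * resolved through the platform's library search order -- confirm that
	 * this cannot pick up a copy from a directory an untrusted user can
	 * write to.
	 */
	lib = g_strdup("nssckbi.dll");
#endif
	/*
	 * Without the built-in roots module there are no default trust anchors,
	 * so a failure here is worth a log line.
	 */
	if (SECMOD_AddNewModule("Builtins", lib, 0, 0) != SECSuccess)
		purple_debug_error("nss", "Unable to load root certificate module %s "
		                   "(NSPR error %d)\n", lib, (int)PR_GetError());
	g_free(lib);
	NSS_SetDomesticPolicy();

	/*
	 * Cipher suites switched on by default for every socket.
	 * NOTE(review): besides the AES suites, this list enables RC4 and
	 * single-DES (56-bit key) suites, which are not strong by current
	 * standards; review the list before reusing it.
	 */
	SSL_CipherPrefSetDefault(TLS_DHE_RSA_WITH_AES_256_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_DHE_DSS_WITH_AES_256_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_RSA_WITH_AES_256_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_DHE_DSS_WITH_RC4_128_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_DHE_RSA_WITH_AES_128_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_DHE_DSS_WITH_AES_128_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(SSL_RSA_WITH_RC4_128_SHA, 1);
	SSL_CipherPrefSetDefault(TLS_RSA_WITH_AES_128_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(SSL_DHE_RSA_WITH_DES_CBC_SHA, 1);
	SSL_CipherPrefSetDefault(SSL_DHE_DSS_WITH_DES_CBC_SHA, 1);

	_identity = PR_GetUniqueIdentity("Purple");
	_nss_methods = PR_GetDefaultIOMethods();
}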
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
158
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
/*
 * Certificate-authentication callback; its parameters match NSS's
 * auth-certificate hook signature, but where it is registered is not
 * visible in this excerpt.
 *
 * It accepts every peer certificate: SECSuccess is returned without looking
 * at the certificate, and the NSS verification below is compiled out.
 * Connections that use this hook therefore get no certificate validation
 * from NSS itself.
 * NOTE(review): confirm that another layer verifies the peer certificate
 * (chain and host name) before any data on the connection is trusted.
 *
 * NOTE(review): the disabled code always passes certUsageSSLClient and
 * ignores is_server; it would need review before being re-enabled.
 */
static SECStatus
ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig,
              PRBool is_server)
{
	return SECSuccess;

#if 0
	CERTCertificate *peer_cert = SSL_PeerCertificate(socket);
	void *pin_arg = SSL_RevealPinArg(socket);
	SECStatus rv;

	rv = CERT_VerifyCertNow((CERTCertDBHandle *)arg, peer_cert, checksig,
	                        certUsageSSLClient, pin_arg);

	if (rv != SECSuccess)
		purple_debug_error("nss", "CERT_VerifyCertNow failed\n");

	/* The certificate reference is released on both paths. */
	CERT_DestroyCertificate(peer_cert);
	return rv;
#endif
}
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
186
23737
d7c62b220ed0 Patch to fully enable NSS SSL Certificates from #6500.
William Ehlhardt <williamehlhardt@gmail.com>
parents: 22007
diff changeset
187 #if 0
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
188 static SECStatus
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
189 ssl_bad_cert(void *arg, PRFileDesc *socket)
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
190 {
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
191 SECStatus status = SECFailure;
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
192 PRErrorCode err;
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
193
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
194 if (arg == NULL)
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
195 return status;
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
196
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
197 *(PRErrorCode *)arg = err = PORT_GetError();
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
198
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
199 switch (err)
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
200 {
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
201 case SEC_ERROR_INVALID_AVA:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
202 case SEC_ERROR_INVALID_TIME:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
203 case SEC_ERROR_BAD_SIGNATURE:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
204 case SEC_ERROR_EXPIRED_CERTIFICATE:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
205 case SEC_ERROR_UNKNOWN_ISSUER:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
206 case SEC_ERROR_UNTRUSTED_CERT:
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
207 case SEC_ERROR_CERT_VALID:
208 case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
209 case SEC_ERROR_CRL_EXPIRED:
210 case SEC_ERROR_CRL_BAD_SIGNATURE:
211 case SEC_ERROR_EXTENSION_VALUE_INVALID:
212 case SEC_ERROR_CA_CERT_INVALID:
213 case SEC_ERROR_CERT_USAGES_INVALID:
214 case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
215 status = SECSuccess;
216 break;
217
218 default:
219 status = SECFailure;
220 break;
221 }
222
223 purple_debug_error("nss", "Bad certificate: %d\n", err);
224
225 return status;
226 }
227 #endif
228
/**
 * Initialisation entry point for the NSS SSL backend.
 *
 * No work is done here; the function only reports success.
 * NOTE(review): presumably installed in the SSL ops table and NSS itself
 * is set up elsewhere in this file; the registration is not visible here.
 *
 * @return Always TRUE.
 */
static gboolean
ssl_nss_init(void)
{
	/* Nothing to set up at this point. */
	return TRUE;
}
234
/**
 * Shutdown entry point for the NSS SSL backend.
 *
 * Calls PR_Cleanup() and then clears the file-level _nss_methods pointer
 * so that no stale reference to it is left behind.
 */
static void
ssl_nss_uninit(void)
{
	/* Release NSPR first ... */
	PR_Cleanup();

	/* ... then forget the method table. */
	_nss_methods = NULL;
}
242
/**
 * Completion callback passed to purple_certificate_verify().
 *
 * Only PURPLE_CERTIFICATE_VALID lets the connection proceed. Every other
 * status fails closed: the error callback (when one is set) is told
 * PURPLE_SSL_CERTIFICATE_INVALID and the connection is closed.
 *
 * @param st       Verdict reported by the certificate verifier.
 * @param userdata The PurpleSslConnection whose peer was being verified.
 */
static void
ssl_nss_verified_cb(PurpleCertificateVerificationStatus st,
		gpointer userdata)
{
	PurpleSslConnection *conn = userdata;

	if (st != PURPLE_CERTIFICATE_VALID) {
		/* Anything but an explicit "valid" is rejected. */
		if (conn->error_cb != NULL) {
			conn->error_cb(conn, PURPLE_SSL_CERTIFICATE_INVALID,
					conn->connect_cb_data);
		}
		purple_ssl_close(conn);
		return;
	}

	/* Verified: hand the established connection to the caller. */
	conn->connect_cb(conn->connect_cb_data, conn, PURPLE_INPUT_READ);
}
260
/** Wraps an NSS X.509 certificate in a newly allocated PurpleCertificate.
 *
 * The wrapper holds the pointer returned by CERT_DupCertificate(), i.e. its
 * own NSS reference, so the caller's reference to @a cert is left untouched
 * and must still be released by the caller.
 * NOTE(review): @a cert is not checked for NULL before it is duplicated;
 * callers in view always pass a non-NULL certificate.
 *
 * @param cert NSS certificate to wrap
 * @return A newly allocated PurpleCertificate using the x509_nss scheme
 */
static PurpleCertificate *
x509_import_from_nss(CERTCertificate* cert)
{
	/* Zero-filled wrapper; the fields not set below stay 0/NULL */
	PurpleCertificate *wrapped = g_new0(PurpleCertificate, 1);

	wrapped->scheme = &x509_nss;
	wrapped->data = CERT_DupCertificate(cert);

	return wrapped;
}
279
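/**
 * Builds the list of certificates that describes the peer of an SSL socket.
 *
 * The list starts with the certificate returned by SSL_PeerCertificate()
 * and is extended one issuer at a time with CERT_FindCertIssuer(), evaluated
 * at the current time for certUsageSSLServer. The result is therefore the
 * chain as NSS can reconstruct it, which may be partial: the walk stops at a
 * root certificate, at the first issuer NSS cannot find, or after
 * CERT_MAX_CERT_CHAIN entries.
 *
 * This function only collects certificates; it makes no trust decision.
 *
 * @param socket SSL file descriptor whose handshake has completed
 * @param gsc    Connection the socket belongs to (not used here)
 * @return A newly allocated list of newly allocated PurpleCertificate
 *         instances, leaf first, or NULL when the peer certificate cannot
 *         be obtained. Callers must treat NULL as "nothing to verify" and
 *         must free a non-NULL list.
 */
static GList *
ssl_nss_get_peer_certificates(PRFileDesc *socket, PurpleSslConnection * gsc)
{
	CERTCertificate *curcert;
	CERTCertificate *issuerCert;
	PurpleCertificate * newcrt;

	/* List of Certificate instances to return */
	GList * peer_certs = NULL;
	int count;
	int64 now = PR_Now();

	curcert = SSL_PeerCertificate(socket);
	if (curcert == NULL) {
		/* The failing call is SSL_PeerCertificate(), so say so */
		purple_debug_error("nss", "could not get peer certificate\n");
		return NULL;
	}

	for (count = 0 ; count < CERT_MAX_CERT_CHAIN ; count++) {
		/* Either name may be missing; never hand NULL to %s */
		purple_debug_info("nss", "subject=%s issuer=%s\n",
				  curcert->subjectName ? curcert->subjectName : "(null)",
				  curcert->issuerName ? curcert->issuerName : "(null)");
		/* The wrapper takes its own reference to curcert */
		newcrt = x509_import_from_nss(curcert);
		peer_certs = g_list_append(peer_certs, newcrt);

		if (curcert->isRoot) {
			break;
		}
		issuerCert = CERT_FindCertIssuer(curcert, now, certUsageSSLServer);
		if (!issuerCert) {
			purple_debug_error("nss", "partial certificate chain\n");
			break;
		}
		/* Step up the chain, dropping our reference to the child */
		CERT_DestroyCertificate(curcert);
		curcert = issuerCert;
	}
	/* Release the reference still held on the last certificate visited */
	CERT_DestroyCertificate(curcert);

	return peer_certs;
}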
319
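/**
 * Drives the SSL handshake and, once it has completed, starts certificate
 * verification or reports the connection as established.
 *
 * A handshake that would block returns without side effects so the function
 * can be called again. Any other handshake failure is reported through the
 * error callback as PURPLE_SSL_HANDSHAKE_FAILED and the connection is closed.
 *
 * When the connection has a verifier, the peer chain is passed to
 * purple_certificate_verify() and ssl_nss_verified_cb() decides the outcome.
 * If no peer certificate can be obtained the connection fails closed with
 * PURPLE_SSL_CERTIFICATE_INVALID instead of asking the verifier to check an
 * empty chain.
 *
 * NOTE(review): without a verifier the connect callback runs immediately,
 * so the peer is authenticated only by whatever NSS-level certificate hooks
 * are configured elsewhere in this file. Confirm those hooks reject invalid
 * certificates for every caller that passes no verifier.
 *
 * @param data The PurpleSslConnection being set up
 * @param fd   Descriptor that triggered the callback (not used here)
 * @param cond Input condition, forwarded to the connect callback when no
 *             verifier is set
 */
static void
ssl_nss_handshake_cb(gpointer data, int fd, PurpleInputCondition cond)
{
	PurpleSslConnection *gsc = (PurpleSslConnection *)data;
	PurpleSslNssData *nss_data = gsc->private_data;

	/* I don't think this the best way to do this...
	 * It seems to work because it'll eventually use the cached value
	 */
	if(SSL_ForceHandshake(nss_data->in) != SECSuccess) {
		gchar *error_txt;
		set_errno(PR_GetError());
		/* Handshake still in progress: wait for the next call */
		if (errno == EAGAIN || errno == EWOULDBLOCK)
			return;

		error_txt = get_error_text();
		purple_debug_error("nss", "Handshake failed %s (%d)\n", error_txt ? error_txt : "", PR_GetError());
		g_free(error_txt);

		if (gsc->error_cb != NULL)
			gsc->error_cb(gsc, PURPLE_SSL_HANDSHAKE_FAILED, gsc->connect_cb_data);

		purple_ssl_close(gsc);

		return;
	}

	/* Handshake finished: stop watching the descriptor for it */
	purple_input_remove(nss_data->handshake_handler);
	nss_data->handshake_handler = 0;

	/* If a Verifier was given, hand control over to it */
	if (gsc->verifier) {
		GList *peers;
		/* First, get the peer cert chain */
		peers = ssl_nss_get_peer_certificates(nss_data->in, gsc);

		if (peers == NULL) {
			/* Nothing to verify: fail closed rather than pass an
			 * empty chain on and risk that neither the connect
			 * nor the error callback is ever invoked. */
			purple_debug_error("nss", "no peer certificates to verify\n");

			if (gsc->error_cb != NULL)
				gsc->error_cb(gsc, PURPLE_SSL_CERTIFICATE_INVALID,
					      gsc->connect_cb_data);

			purple_ssl_close(gsc);

			return;
		}

		/* Now kick off the verification process */
		purple_certificate_verify(gsc->verifier,
					  gsc->host,
					  peers,
					  ssl_nss_verified_cb,
					  gsc);

		purple_certificate_destroy_list(peers);
	} else {
		/* Otherwise, just call the "connection complete"
		   callback */
		gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
	}
}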
370
/**
 * Deferred entry into the handshake.
 *
 * Clears the stored handshake_timer id and then runs ssl_nss_handshake_cb()
 * once with the connection's descriptor and PURPLE_INPUT_READ.
 * NOTE(review): presumably registered as a timeout so that a failing
 * handshake cannot destroy the connection before the caller has stored the
 * pointer; the registration is outside this view.
 *
 * @param data The PurpleSslConnection to start the handshake on
 * @return Always FALSE
 */
static gboolean
start_handshake_cb(gpointer data)
{
	PurpleSslConnection *conn = data;
	PurpleSslNssData *priv = PURPLE_SSL_NSS_DATA(conn);

	/* Reset the id before the handshake runs: on failure the handshake
	 * callback closes the connection. */
	priv->handshake_timer = 0;
	ssl_nss_handshake_cb(conn, conn->fd, PURPLE_INPUT_READ);

	return FALSE;
}
382
383 static void
384 ssl_nss_connect(PurpleSslConnection *gsc)
385 {
386 PurpleSslNssData *nss_data = g_new0(PurpleSslNssData, 1);
387 PRSocketOptionData socket_opt;
388
389 gsc->private_data = nss_data;
390
391 nss_data->fd = PR_ImportTCPSocket(gsc->fd);
392
393 if (nss_data->fd == NULL)
394 {
395 purple_debug_error("nss", "nss_data->fd == NULL!\n");
396
397 if (gsc->error_cb != NULL)
398 gsc->error_cb(gsc, PURPLE_SSL_CONNECT_FAILED, gsc->connect_cb_data);
399
400 purple_ssl_close((PurpleSslConnection *)gsc);
401
402 return;
403 }
404
405 socket_opt.option = PR_SockOpt_Nonblocking;
406 socket_opt.value.non_blocking = PR_TRUE;
407
408 if (PR_SetSocketOption(nss_data->fd, &socket_opt) != PR_SUCCESS) {
fb3b3e93b9ca Attempt to display user readable error messages for NSS.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19649
diff changeset
409 gchar *error_txt = get_error_text();
fb3b3e93b9ca Attempt to display user readable error messages for NSS.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19649
diff changeset
410 purple_debug_warning("nss", "unable to set socket into non-blocking mode: %s (%d)\n", error_txt ? error_txt : "", PR_GetError());
fb3b3e93b9ca Attempt to display user readable error messages for NSS.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19649
diff changeset
411 g_free(error_txt);
fb3b3e93b9ca Attempt to display user readable error messages for NSS.
Daniel Atallah <daniel.atallah@gmail.com>
parents: 19649
diff changeset
412 }
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
413
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
414 nss_data->in = SSL_ImportFD(NULL, nss_data->fd);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
415
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
416 if (nss_data->in == NULL)
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
417 {
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
418 purple_debug_error("nss", "nss_data->in == NUL!\n");
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
419
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
420 if (gsc->error_cb != NULL)
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
421 gsc->error_cb(gsc, PURPLE_SSL_CONNECT_FAILED, gsc->connect_cb_data);
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
422
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
423 purple_ssl_close((PurpleSslConnection *)gsc);
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
424
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
425 return;
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
426 }
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
427
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
428 SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
429 SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
430
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
431 SSL_AuthCertificateHook(nss_data->in,
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
432 (SSLAuthCertificate)ssl_auth_cert,
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
433 (void *)CERT_GetDefaultCertDB());
23737
d7c62b220ed0 Patch to fully enable NSS SSL Certificates from #6500.
William Ehlhardt <williamehlhardt@gmail.com>
parents: 22007
diff changeset
434 #if 0
d7c62b220ed0 Patch to fully enable NSS SSL Certificates from #6500.
William Ehlhardt <williamehlhardt@gmail.com>
parents: 22007
diff changeset
435 /* No point in hooking BadCert, since ssl_auth_cert always succeeds */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
436 SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL);
23737
d7c62b220ed0 Patch to fully enable NSS SSL Certificates from #6500.
William Ehlhardt <williamehlhardt@gmail.com>
parents: 22007
diff changeset
437 #endif
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
438
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
439 if(gsc->host)
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
440 SSL_SetURL(nss_data->in, gsc->host);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
441
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
442 #if 0
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
443 /* This seems like it'd the be the correct way to implement the
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
444 nonblocking stuff, but it doesn't seem to work */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
445 SSL_HandshakeCallback(nss_data->in,
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
446 (SSLHandshakeCallback) ssl_nss_handshake_cb, gsc);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
447 #endif
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
448 SSL_ResetHandshake(nss_data->in, PR_FALSE);
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
449
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
450 nss_data->handshake_handler = purple_input_add(gsc->fd,
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
451 PURPLE_INPUT_READ, ssl_nss_handshake_cb, gsc);
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
452
29659
df9de37e0274 gnutls/nss: Don't call the handshake functions synchronously. Fixes #11525
Paul Aurich <paul@darkrain42.org>
parents: 29647
diff changeset
453 nss_data->handshake_timer = purple_timeout_add(0, start_handshake_cb, gsc);
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
454 }
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
455
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
/**
 * Tears down the NSS state attached to an SSL connection.
 *
 * Closes the NSPR descriptor, cancels a pending handshake watcher and
 * handshake timer, frees the plugin's private data and clears
 * gsc->private_data.  Does nothing when no private data is attached.
 *
 * @param gsc The SSL connection being closed.
 */
static void
ssl_nss_close(PurpleSslConnection *gsc)
{
	PurpleSslNssData *priv = PURPLE_SSL_NSS_DATA(gsc);

	if (priv == NULL)
		return;

	/* Exactly one descriptor is closed: the SSL descriptor when it exists,
	 * otherwise the raw one.  gsc->fd is reset in both cases; presumably
	 * this keeps the caller from closing the same socket a second time --
	 * confirm against purple_ssl_close(). */
	if (priv->in != NULL || priv->fd != NULL) {
		PR_Close(priv->in != NULL ? priv->in : priv->fd);
		gsc->fd = -1;
	}

	/* The handshake watcher and timer are registered with gsc as their
	 * callback data, so both are cancelled here before the private data
	 * is freed; a source left registered would fire on a stale pointer. */
	if (priv->handshake_handler != 0)
		purple_input_remove(priv->handshake_handler);

	if (priv->handshake_timer != 0)
		purple_timeout_remove(priv->handshake_timer);

	g_free(priv);
	/* Later calls see "no private data" instead of a dangling pointer. */
	gsc->private_data = NULL;
}
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
481
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
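/**
 * Reads data from the SSL connection.
 *
 * @param gsc  The SSL connection to read from.
 * @param data Buffer that receives the data.
 * @param len  Size of @a data in bytes.
 *
 * @return The result of PR_Read(), or 0 when the connection has no NSS
 *         private data.  A PR_Read() failure (-1) is recorded through
 *         set_errno() and then converted to the size_t return type, so a
 *         caller has to convert the value back to a signed type to
 *         recognise it.
 */
static size_t
ssl_nss_read(PurpleSslConnection *gsc, void *data, size_t len)
{
	ssize_t ret;
	PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc);

	/* ssl_nss_close() frees the private data and sets it to NULL; guard
	 * against a read on such a connection the same way ssl_nss_write()
	 * does, instead of dereferencing a NULL pointer. */
	if (nss_data == NULL)
		return 0;

	/* NOTE(review): PR_Read() takes its length as a PRInt32; a len above
	 * that range would be narrowed here -- confirm callers never pass one. */
	ret = PR_Read(nss_data->in, data, len);

	if (ret == -1)
		set_errno(PR_GetError());

	return ret;
}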
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
495
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
/**
 * Writes data to the SSL connection.
 *
 * @param gsc  The SSL connection to write to.
 * @param data Bytes to send.
 * @param len  Number of bytes in @a data.
 *
 * @return The result of PR_Write(), or 0 when the connection has no NSS
 *         private data.  A PR_Write() failure (-1) is recorded through
 *         set_errno() and then converted to the size_t return type.
 */
static size_t
ssl_nss_write(PurpleSslConnection *gsc, const void *data, size_t len)
{
	PurpleSslNssData *priv = PURPLE_SSL_NSS_DATA(gsc);
	ssize_t written;

	/* Nothing to write to when the private data is absent. */
	if (priv == NULL)
		return 0;

	written = PR_Write(priv->in, data, len);
	if (written == -1) {
		/* Translate the NSPR error into errno for the caller. */
		set_errno(PR_GetError());
	}

	return written;
}
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
512
19068
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
/**
 * Placeholder for returning the peer's certificate chain.
 *
 * The lookup code is compiled out, so this always returns NULL.
 * NOTE(review): a caller that expects a chain to verify receives nothing
 * from this function -- confirm that certificate verification does not
 * depend on it.
 *
 * @param gsc The SSL connection (unused while the body is disabled).
 *
 * @return NULL.
 */
static GList *
ssl_nss_peer_certs(PurpleSslConnection *gsc)
{
#if 0
	/* Disabled draft.  NOTE(review): it queries nss_data->fd, while the
	 * descriptor returned by SSL_ImportFD() is stored in nss_data->in in
	 * this file -- confirm which one is needed before enabling this. */
	PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc);
	CERTCertificate *cert;

	/* TODO: this is a blind guess */
	cert = SSL_PeerCertificate(nss_data->fd);

	if (cert)
		CERT_DestroyCertificate(cert);
#endif

	return NULL;
}
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
536
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
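/************************************************************************/
/* X.509 functionality                                                  */
/************************************************************************/
/* Tentative definition; the functions below take its address to tag the
 * certificates they create. */
static PurpleCertificateScheme x509_nss;

/** Helper macro to retrieve the NSS certdata from a PurpleCertificate.
 *  The argument is parenthesized so that an expression such as
 *  X509_NSS_DATA(list->data) or X509_NSS_DATA(a ? b : c) expands with the
 *  intended precedence. */
#define X509_NSS_DATA(pcrt) ((CERTCertificate *)((pcrt)->data))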
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
544
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
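/** Imports a PEM-formatted X.509 certificate from the specified file.
 *
 * The whole file is read into memory and handed to NSS for decoding.
 *
 * @param filename Filename to import from. Format is PEM
 *
 * @return A newly allocated Certificate structure of the x509_nss scheme,
 *         or NULL when @a filename is NULL, the file cannot be read, the
 *         file is empty, or NSS cannot decode its contents.
 */
static PurpleCertificate *
x509_import_from_file(const gchar *filename)
{
	gchar *rawcert = NULL;
	gsize len = 0;
	CERTCertificate *crt_dat;
	PurpleCertificate *crt;

	g_return_val_if_fail(filename != NULL, NULL);

	purple_debug_info("nss/x509",
			  "Loading certificate from %s\n",
			  filename);

	/* Load the raw data up */
	if (!g_file_get_contents(filename,
				 &rawcert, &len,
				 NULL)) {
		purple_debug_error("nss/x509", "Unable to read certificate file.\n");
		return NULL;
	}

	if (len == 0) {
		purple_debug_error("nss/x509",
				"Certificate file has no contents!\n");
		/* g_free() accepts NULL, so no guard is needed. */
		g_free(rawcert);
		return NULL;
	}

	/* Decode the certificate.
	 * NOTE(review): CERT_DecodeCertFromPackage() takes the length as an
	 * int; a file larger than that range would be passed with a narrowed
	 * length -- confirm whether an upper bound on len is wanted here. */
	crt_dat = CERT_DecodeCertFromPackage(rawcert, len);
	g_free(rawcert);

	/* A file that does not decode is bad input, not a programming error:
	 * check it explicitly so the test is still present when GLib's
	 * g_return_*_if_fail checks are compiled out (G_DISABLE_CHECKS), and
	 * a certificate with NULL data is never handed to the caller. */
	if (crt_dat == NULL) {
		purple_debug_error("nss/x509",
				"Unable to decode certificate file.\n");
		return NULL;
	}

	crt = g_new0(PurpleCertificate, 1);
	crt->scheme = &x509_nss;
	crt->data = crt_dat;

	return crt;
}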
9ac0fbb569a5 - Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents: 17566
diff changeset
592
29647
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
593 /** Imports a number of PEM-formatted X.509 certificates from the specified file.
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
594 * @param filename Filename to import from. Format is PEM
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
595 *
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
596 * @return A GSList of newly allocated Certificate structures of the x509_nss scheme
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
597 */
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
598 static GSList *
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
599 x509_importcerts_from_file(const gchar *filename)
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
600 {
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
601 gchar *rawcert, *begin, *end;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
602 gsize len = 0;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
603 GSList *crts = NULL;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
604 CERTCertificate *crt_dat;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
605 PurpleCertificate *crt;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
606
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
607 g_return_val_if_fail(filename != NULL, NULL);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
608
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
609 purple_debug_info("nss/x509",
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
610 "Loading certificate from %s\n",
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
611 filename);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
612
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
613 /* Load the raw data up */
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
614 if (!g_file_get_contents(filename,
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
615 &rawcert, &len,
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
616 NULL)) {
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
617 purple_debug_error("nss/x509", "Unable to read certificate file.\n");
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
618 return NULL;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
619 }
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
620
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
621 if (len == 0) {
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
622 purple_debug_error("nss/x509",
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
623 "Certificate file has no contents!\n");
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
624 if (rawcert)
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
625 g_free(rawcert);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
626 return NULL;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
627 }
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
628
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
629 begin = rawcert;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
630 while((end = strstr(begin, "-----END CERTIFICATE-----")) != NULL) {
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
631 end += sizeof("-----END CERTIFICATE-----")-1;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
632 /* Decode the certificate */
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
633 crt_dat = CERT_DecodeCertFromPackage(begin, (end-begin));
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
634
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
635 g_return_val_if_fail(crt_dat != NULL, NULL);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
636
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
637 crt = g_new0(PurpleCertificate, 1);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
638 crt->scheme = &x509_nss;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
639 crt->data = crt_dat;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
640 crts = g_slist_prepend(crts, crt);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
641 begin = end;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
642 }
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
643 g_free(rawcert);
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
644
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
645 return crts;
c35fd54ec64b Implement reading multiple certificates from a single "bundle" of
Stu Tomlinson <stu@nosnilmot.com>
parents: 27670
diff changeset
646 }
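/**
 * Exports a PEM-formatted X.509 certificate to the specified file.
 *
 * NSS does not seem to offer a single "convert this certificate to PEM"
 * call, so the export is done in three steps: DER-encode the certificate,
 * Base64-encode the DER bytes, then wrap the result in the PEM
 * BEGIN/END CERTIFICATE markers.
 *
 * @param filename Filename to export to. Format will be PEM. Apart from the
 *                 NULL check the path is handed unchanged to
 *                 purple_util_write_data_to_file_absolute(), so validating
 *                 the destination is the caller's job.
 * @param crt      Certificate to export. Must use the x509_nss scheme.
 *
 * @return TRUE if success, otherwise FALSE
 */
static gboolean
x509_export_certificate(const gchar *filename, PurpleCertificate *crt)
{
	CERTCertificate *crt_dat;
	SECItem *dercrt;
	gchar *b64crt;
	gchar *pemcrt;
	gboolean ret;

	/* Caller contract: these are programming errors, not runtime failures */
	g_return_val_if_fail(filename, FALSE);
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme == &x509_nss, FALSE);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, FALSE);

	purple_debug_info("nss/x509",
			  "Exporting certificate to %s\n", filename);

	/* First, have NSS produce a DER-formatted certificate.
	 *
	 * Encoding failures are runtime conditions, so they are checked with
	 * plain ifs: the g_return_* macros can be compiled out with
	 * G_DISABLE_CHECKS, which would let a NULL item reach the next call. */
	dercrt = SEC_ASN1EncodeItem(NULL, NULL, crt_dat,
				    SEC_ASN1_GET(SEC_SignedCertificateTemplate));
	if (dercrt == NULL) {
		purple_debug_error("nss/x509",
				   "Unable to DER-encode certificate for export.\n");
		return FALSE;
	}

	/* Now encode it to b64; the DER item is no longer needed afterwards */
	b64crt = NSSBase64_EncodeItem(NULL, NULL, 0, dercrt);
	SECITEM_FreeItem(dercrt, PR_TRUE);
	if (b64crt == NULL) {
		purple_debug_error("nss/x509",
				   "Unable to Base64-encode certificate for export.\n");
		return FALSE;
	}

	/* Wrap it in the PEM header and footer */
	pemcrt = g_strdup_printf("-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n", b64crt);
	/* b64crt was allocated by an NSS function, so it is released through
	 * PORT_Free() rather than g_free(). */
	PORT_Free(b64crt);

	/* Finally, write the PEM text to the file (-1: length taken from the
	 * NUL-terminated string) */
	ret = purple_util_write_data_to_file_absolute(filename, pemcrt, -1);

	g_free(pemcrt);

	return ret;
}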
/**
 * Makes a new PurpleCertificate wrapper for the same NSS certificate.
 *
 * The wrapper itself is freshly allocated; its data pointer is whatever
 * CERT_DupCertificate() returns for the source certificate. Per the
 * original author's note NSS reference-counts certificates, so the copy
 * needs its own x509_destroy_certificate() call.
 *
 * @param crt Certificate to copy. Must use the x509_nss scheme.
 *
 * @return Newly allocated copy, or NULL if crt is NULL, of another scheme,
 *         or carries no NSS data
 */
static PurpleCertificate *
x509_copy_certificate(PurpleCertificate *crt)
{
	PurpleCertificate *duplicate;
	CERTCertificate *crt_dat;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme == &x509_nss, NULL);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, NULL);

	/* Zero-initialised wrapper, tagged with this plugin's scheme */
	duplicate = g_new0(PurpleCertificate, 1);
	duplicate->scheme = &x509_nss;

	/* Take another reference on the underlying NSS certificate */
	duplicate->data = CERT_DupCertificate(crt_dat);

	return duplicate;
}
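/** Frees a Certificate
 *
 *  Destroys a Certificate's internal data structures and frees the pointer
 *  given.
 *  @param crt  Certificate instance to be destroyed. It WILL NOT be destroyed
 *              if it is not of the correct CertificateScheme. NULL is
 *              tolerated: g_return_if_fail() logs a warning and the call
 *              returns without touching anything.
 *
 *  After this call returns for a valid certificate, crt is dangling and
 *  must not be used or destroyed again.
 */
static void
x509_destroy_certificate(PurpleCertificate * crt)
{
	CERTCertificate *crt_dat;

	g_return_if_fail(crt);
	/* Never free a wrapper owned by another scheme: its data pointer is
	 * not a CERTCertificate. */
	g_return_if_fail(crt->scheme == &x509_nss);

	crt_dat = X509_NSS_DATA(crt);

	if (crt_dat != NULL) {
		/* Drop this wrapper's reference; NSS does refcounting
		 * automatically */
		CERT_DestroyCertificate(crt_dat);
	} else {
		/* A wrapper without NSS data is unexpected, but it still has
		 * to be freed below or it leaks. */
		purple_debug_warning("nss/x509",
				     "Destroying a certificate that has no NSS data.\n");
	}

	/* Delete the PurpleCertificate as well */
	g_free(crt);
}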
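/** Determines whether one certificate has been issued and signed by another
 *
 * Two conditions must both hold: the subject certificate's issuer name
 * string equals the issuer certificate's subject name string, and
 * CERT_VerifySignedData() accepts the subject's signature under the
 * issuer certificate, with PR_Now() as the reference time.
 *
 * This checks one link only. Nothing in this function builds a chain or
 * inspects CA constraints, so a TRUE result presumably must not be read as
 * "trusted" on its own (confirm against the callers).
 *
 * @param crt       Certificate to check the signature of
 * @param issuer    Issuer's certificate
 *
 * @return TRUE if crt was signed and issued by issuer, otherwise FALSE.
 *         Any missing or foreign-scheme input yields FALSE (fail closed).
 * @TODO  Modify this function to return a reason for invalidity?
 */
static gboolean
x509_signed_by(PurpleCertificate * crt,
	       PurpleCertificate * issuer)
{
	CERTCertificate *subjectCert;
	CERTCertificate *issuerCert;
	SECStatus st;

	/* X509_NSS_DATA() is applied to both wrappers below, so reject NULL
	 * and foreign-scheme arguments first, as the sibling functions in
	 * this file do. */
	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(issuer, FALSE);
	g_return_val_if_fail(crt->scheme == &x509_nss, FALSE);
	g_return_val_if_fail(issuer->scheme == &x509_nss, FALSE);

	issuerCert = X509_NSS_DATA(issuer);
	g_return_val_if_fail(issuerCert, FALSE);

	subjectCert = X509_NSS_DATA(crt);
	g_return_val_if_fail(subjectCert, FALSE);

	/* Either name may be absent (seen with certain self-signed
	 * certificates); PORT_Strcmp() must not be handed a NULL pointer. */
	if (subjectCert->issuerName == NULL || issuerCert->subjectName == NULL)
		return FALSE;

	if (PORT_Strcmp(subjectCert->issuerName, issuerCert->subjectName) != 0)
		return FALSE;

	/* The name match alone proves nothing; the signature check decides. */
	st = CERT_VerifySignedData(&subjectCert->signatureWrap, issuerCert, PR_Now(), NULL);
	return st == SECSuccess;
}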
/**
 * Computes the SHA-1 digest of a certificate's DER encoding.
 *
 * The digest is taken over the derCert item stored in the NSS certificate.
 * SHA-1 is no longer collision-resistant, so the result suits identifying
 * or displaying a certificate rather than serving as the only basis for a
 * trust decision.
 *
 * @param crt Certificate to hash. Must use the x509_nss scheme.
 *
 * @return Newly allocated 20-byte array holding the digest, or NULL if the
 *         arguments are invalid or hashing fails. The caller owns the array.
 */
static GByteArray *
x509_sha1sum(PurpleCertificate *crt)
{
	CERTCertificate *crt_dat;
	size_t hashlen = 20; /* Size of an sha1sum */
	GByteArray *digest;
	SECItem *der; /* DER representation of the cert */
	SECStatus st;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme == &x509_nss, NULL);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, NULL);

	/* The DER bytes live inside the NSS certificate; nothing is copied */
	der = &(crt_dat->derCert);

	/* Reserve the output buffer. A sized array starts with length 0, so
	 * the length is raised to cover the bytes written below. */
	digest = g_byte_array_sized_new(hashlen);
	g_byte_array_set_size(digest, hashlen);

	st = PK11_HashBuf(SEC_OID_SHA1, digest->data,
			  der->data, der->len);

	if (st == SECSuccess)
		return digest;

	/* Hashing failed: release the buffer instead of returning garbage */
	g_byte_array_free(digest, TRUE);
	purple_debug_error("nss/x509",
			   "Error: hashing failed!\n");
	return NULL;
}
/**
 * Returns a copy of the certificate's subject name string.
 *
 * @param crt Certificate to read. Must use the x509_nss scheme.
 *
 * @return Newly allocated copy of the NSS subjectName, to be released with
 *         g_free(); NULL if the arguments are invalid or the certificate
 *         has no subject name (g_strdup() maps NULL to NULL).
 */
static gchar *
x509_dn (PurpleCertificate *crt)
{
	CERTCertificate *crt_dat;
	gchar *subject_copy;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme == &x509_nss, NULL);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, NULL);

	/* Duplicate so the caller never holds a pointer into NSS-owned memory */
	subject_copy = g_strdup(crt_dat->subjectName);

	return subject_copy;
}
/**
 * Returns the issuer distinguished name of a certificate.
 *
 * The value is copied from the issuerName field of the underlying NSS
 * certificate. It names the issuer the certificate claims; it does not show
 * that the issuer actually signed it.
 *
 * @param crt Certificate belonging to the x509_nss scheme.
 * @return Copy of the issuer DN made with g_strdup() (NULL if the field is
 *         NULL), or NULL when one of the precondition checks fails.
 */
static gchar *
x509_issuer_dn (PurpleCertificate *crt)
{
	CERTCertificate *crt_dat;
	const char *issuer;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme == &x509_nss, NULL);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, NULL);

	/* issuerName, not subjectName: this is the "who signed it" claim. */
	issuer = crt_dat->issuerName;
	return g_strdup(issuer);
}
/**
 * Returns the common name (CN) from a certificate's subject.
 *
 * To decide whether a certificate matches a host, use x509_check_name(),
 * which delegates the comparison to NSS, rather than comparing this string.
 *
 * @param crt Certificate belonging to the x509_nss scheme.
 * @return g_strdup() copy of the CN, or NULL when a precondition check
 *         fails or CERT_GetCommonName() returned NULL.
 */
static gchar *
x509_common_name (PurpleCertificate *crt)
{
	CERTCertificate *crt_dat;
	char *cn_from_nss;
	gchar *cn_for_caller;

	g_return_val_if_fail(crt, NULL);
	g_return_val_if_fail(crt->scheme == &x509_nss, NULL);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, NULL);

	/* Why copy a string that NSS has only just allocated for us?
	   Per the NSS LXR docs, strings returned by the NSS cert functions
	   are to be released with the NSPR free functions, whereas the
	   libpurple API promises a string the caller can g_free(). The two
	   allocators must not be mixed, so we duplicate into GLib memory and
	   release the NSS copy right away.
	   NOTE(review): when CERT_GetCommonName() returns NULL, PORT_Free()
	   is called with NULL - confirm that is tolerated. */
	cn_from_nss = CERT_GetCommonName(&crt_dat->subject);
	cn_for_caller = g_strdup(cn_from_nss);
	PORT_Free(cn_from_nss);

	return cn_for_caller;
}
/**
 * Checks whether a certificate is valid for the given name.
 *
 * The comparison itself is done by CERT_VerifyCertName(). The function
 * fails closed: only SECSuccess yields TRUE, while SECFailure and any
 * unexpected status both yield FALSE.
 *
 * @param crt  Certificate belonging to the x509_nss scheme.
 * @param name Name to check; passed unchanged to CERT_VerifyCertName().
 * @return TRUE if NSS accepted the name, FALSE otherwise (including when a
 *         precondition check fails).
 */
static gboolean
x509_check_name (PurpleCertificate *crt, const gchar *name)
{
	CERTCertificate *crt_dat;
	SECStatus verdict;

	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme == &x509_nss, FALSE);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, FALSE);

	verdict = CERT_VerifyCertName(crt_dat, name);
	if (verdict == SECSuccess) {
		return TRUE;
	}

	if (verdict != SECFailure) {
		/* Neither success nor failure: log it, then reject the name
		   like any other mismatch. */
		purple_debug_error("nss/x509",
			"x509_check_name fell through where it shouldn't "
			"have.\n");
	}

	return FALSE;
}
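/**
 * Retrieves the validity window of a certificate.
 *
 * @param crt        Certificate belonging to the x509_nss scheme.
 * @param activation Where to store the start of validity, in seconds since
 *                   the epoch; may be NULL if the caller does not need it.
 * @param expiration Where to store the end of validity, in seconds since
 *                   the epoch; may be NULL if the caller does not need it.
 * @return TRUE if the times were read, FALSE if a precondition check fails
 *         or CERT_GetCertTimes() does not report SECSuccess. The output
 *         parameters are left untouched on FALSE.
 */
static gboolean
x509_times (PurpleCertificate *crt, time_t *activation, time_t *expiration)
{
	CERTCertificate *crt_dat;
	PRTime nss_activ, nss_expir;

	g_return_val_if_fail(crt, FALSE);
	g_return_val_if_fail(crt->scheme == &x509_nss, FALSE);

	crt_dat = X509_NSS_DATA(crt);
	g_return_val_if_fail(crt_dat, FALSE);

	/* Extract the times into PRTime values. The call must not live inside
	   g_return_val_if_fail(): when GLib is built with G_DISABLE_CHECKS the
	   macro's expression is not evaluated, so the call would be skipped
	   and uninitialized validity times would be handed to the caller. */
	if (CERT_GetCertTimes(crt_dat, &nss_activ, &nss_expir) != SECSuccess) {
		purple_debug_error("nss/x509",
			"Unable to read certificate validity times\n");
		return FALSE;
	}

	/* NSS's native PRTime type *almost* corresponds to time_t; however,
	   it measures *microseconds* since the epoch, not seconds. Hence
	   the division.
	   NOTE(review): if time_t is narrower than PRTime on a target, a
	   far-future expiry may not fit after conversion - confirm how the
	   callers that compare these values behave in that case. */
	if (activation) {
		*activation = nss_activ / 1000000;
	}
	if (expiration) {
		*expiration = nss_expir / 1000000;
	}

	return TRUE;
}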
/* Certificate scheme table handed to libpurple by plugin_load(). Entries are
   positional, so their order must follow the PurpleCertificateScheme
   definition. */
static PurpleCertificateScheme x509_nss = {
	"x509",                          /* Scheme name */
	N_("X.509 Certificates"),        /* Scheme name shown to the user */
	x509_import_from_file,           /* Import one certificate from a file */
	x509_export_certificate,         /* Export a certificate */
	x509_copy_certificate,           /* Copy */
	x509_destroy_certificate,        /* Destroy */
	x509_signed_by,                  /* Signed-by check */
	x509_sha1sum,                    /* SHA1 fingerprint */
	x509_dn,                         /* Unique ID (subject DN) */
	x509_issuer_dn,                  /* Issuer unique ID (issuer DN) */
	x509_common_name,                /* Subject name (CN) */
	x509_check_name,                 /* Check subject name */
	x509_times,                      /* Activation/expiration times */
	x509_importcerts_from_file,      /* Import several certificates from a file */

	/* Remaining slots are left NULL */
	NULL,
	NULL,
	NULL
};
/* SSL operations table; plugin_load() installs it only when no other ops are
   registered. Entries are positional. */
static PurpleSslOps ssl_ops =
{
	ssl_nss_init,
	ssl_nss_uninit,
	ssl_nss_connect,
	ssl_nss_close,
	ssl_nss_read,
	ssl_nss_write,
	ssl_nss_peer_certs,

	/* padding slots, left NULL */
	NULL,
	NULL,
	NULL
};
/**
 * Plugin load hook.
 *
 * Installs this plugin's SSL ops if none are registered yet, initializes
 * NSS and registers the x509_nss certificate scheme. The last two steps run
 * even when another SSL ops table was already in place.
 *
 * @param plugin The plugin being loaded (unused here).
 * @return Always TRUE; the outcome of the individual steps is not checked.
 */
static gboolean
plugin_load(PurplePlugin *plugin)
{
	/* Do not displace an SSL implementation that registered first. */
	if (purple_ssl_get_ops() == NULL) {
		purple_ssl_set_ops(&ssl_ops);
	}

	/* Bring NSS up right away so that other users of it work even if
	   sslconn never asks for a connection. */
	ssl_nss_init_nss();

	/* Make our X.509 functions available to libpurple. */
	purple_certificate_register_scheme(&x509_nss);

	return TRUE;
}
/**
 * Plugin unload hook.
 *
 * Clears the registered SSL ops only if they are still this plugin's own
 * table, then unregisters the x509_nss certificate scheme.
 *
 * @param plugin The plugin being unloaded (unused here).
 * @return Always TRUE.
 */
static gboolean
plugin_unload(PurplePlugin *plugin)
{
	/* Leave someone else's ops table alone. */
	if (&ssl_ops == purple_ssl_get_ops()) {
		purple_ssl_set_ops(NULL);
	}

	/* Withdraw our X.509 functions. */
	purple_certificate_unregister_scheme(&x509_nss);

	return TRUE;
}
999 static PurplePluginInfo info =
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1000 {
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1001 PURPLE_PLUGIN_MAGIC,
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1002 PURPLE_MAJOR_VERSION,
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1003 PURPLE_MINOR_VERSION,
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1004 PURPLE_PLUGIN_STANDARD, /**< type */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1005 NULL, /**< ui_requirement */
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1006 PURPLE_PLUGIN_FLAG_INVISIBLE, /**< flags */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1007 NULL, /**< dependencies */
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1008 PURPLE_PRIORITY_DEFAULT, /**< priority */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1009
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1010 SSL_NSS_PLUGIN_ID, /**< id */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1011 N_("NSS"), /**< name */
21030
3cc856ca2338 Add a --with-extraversion option to ./configure so packagers can fine tune
Stu Tomlinson <stu@nosnilmot.com>
parents: 20329
diff changeset
1012 DISPLAY_VERSION, /**< version */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1013 /** summary */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1014 N_("Provides SSL support through Mozilla NSS."),
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1015 /** description */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1016 N_("Provides SSL support through Mozilla NSS."),
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1017 "Christian Hammond <chipx86@gnupdate.org>",
15822
32c366eeeb99 sed -ie 's/gaim/purple/g'
Sean Egan <seanegan@gmail.com>
parents: 15373
diff changeset
1018 PURPLE_WEBSITE, /**< homepage */
15373
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1019
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1020 plugin_load, /**< load */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1021 plugin_unload, /**< unload */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1022 NULL, /**< destroy */
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1023
5fe8042783c1 Rename gtk/ and libgaim/ to pidgin/ and libpurple/
Sean Egan <seanegan@gmail.com>
parents:
diff changeset
1024 NULL, /**< ui_info */
1025 NULL, /**< extra_info */
1026 NULL, /**< prefs_info */
1027 NULL, /**< actions */
1028
1029 /* padding */
1030 NULL,
1031 NULL,
1032 NULL,
1033 NULL
1034 };
1035
/**
 * Plugin initialisation hook handed to PURPLE_INIT_PLUGIN below.
 *
 * Intentionally a no-op: this function performs no setup of its own.
 * The info table registers plugin_load and plugin_unload as the
 * load/unload callbacks, so any real work happens there rather than here.
 *
 * @param plugin  Plugin handle supplied by the caller; not used.
 */
static void init_plugin(PurplePlugin *plugin)
{
	(void)plugin; /* nothing to initialise at registration time */
}

/*
 * Pass the plugin identifier, the init hook and the info table to the
 * PURPLE_INIT_PLUGIN macro (defined outside this listing).
 */
PURPLE_INIT_PLUGIN(ssl_nss, init_plugin, info)