Mercurial > pidgin
comparison libpurple/certificate.c @ 19271:c28e1afe691b
In x509_ca pool:
- Add commentary on the lazy initialization used
- Change the CA certs path to DATADIR/purple/ca-certs, as it should be
| author | William Ehlhardt <williamehlhardt@gmail.com> |
|---|---|
| date | Tue, 14 Aug 2007 06:41:47 +0000 |
| parents | 8b2b9765fe64 |
| children | e93db0c87b26 |
comparison
equal
deleted
inserted
replaced
| 19270:fb4a1fb9ce8a | 19271:c28e1afe691b |
|---|---|
| 607 purple_certificate_destroy(el->crt); | 607 purple_certificate_destroy(el->crt); |
| 608 g_free(el); | 608 g_free(el); |
| 609 } | 609 } |
| 610 | 610 |
| 611 /** System directory to probe for CA certificates */ | 611 /** System directory to probe for CA certificates */ |
| 612 /* TODO: The current path likely won't work on anything but Debian! Fix! */ | 612 /* This is set in the lazy_init function */ |
| 613 static const gchar *x509_ca_syspath = "/etc/ssl/certs/"; | 613 static const gchar *x509_ca_syspath = NULL; |
| 614 | 614 |
| 615 /** A list of loaded CAs, populated from the above path whenever the lazy_init | 615 /** A list of loaded CAs, populated from the above path whenever the lazy_init |
| 616 happens. Contains pointers to x509_ca_elements */ | 616 happens. Contains pointers to x509_ca_elements */ |
| 617 static GList *x509_ca_certs = NULL; | 617 static GList *x509_ca_certs = NULL; |
| 618 | 618 |
| 640 x509_ca_certs = g_list_prepend(x509_ca_certs, el); | 640 x509_ca_certs = g_list_prepend(x509_ca_certs, el); |
| 641 | 641 |
| 642 return TRUE; | 642 return TRUE; |
| 643 } | 643 } |
| 644 | 644 |
| 645 /* Since the libpurple CertificatePools get registered before plugins are | |
| 646 loaded, an X.509 Scheme is generally not available when x509_ca_init is | |
| 647 called, but x509_ca requires X.509 operations in order to properly load. | |
| 648 | |
| 649 To solve this, I present the lazy_init function. It attempts to finish | |
| 650 initialization of the Pool, but it usually fails when it is called from | |
| 651 x509_ca_init. However, this is OK; initialization is then simply deferred | |
| 652 until someone tries to use functions from the pool. */ | |
| 645 static gboolean | 653 static gboolean |
| 646 x509_ca_lazy_init(void) | 654 x509_ca_lazy_init(void) |
| 647 { | 655 { |
| 648 PurpleCertificateScheme *x509; | 656 PurpleCertificateScheme *x509; |
| 649 GDir *certdir; | 657 GDir *certdir; |
| 658 purple_debug_info("certificate/x509/ca", | 666 purple_debug_info("certificate/x509/ca", |
| 659 "Lazy init failed because an X.509 Scheme " | 667 "Lazy init failed because an X.509 Scheme " |
| 660 "is not yet registered. Maybe it will be " | 668 "is not yet registered. Maybe it will be " |
| 661 "better later.\n"); | 669 "better later.\n"); |
| 662 return FALSE; | 670 return FALSE; |
| 671 } | |
| 672 | |
| 673 /* Attempt to point at the appropriate system path */ | |
| 674 if (NULL == x509_ca_syspath) { | |
| 675 x509_ca_syspath = g_build_filename(DATADIR, | |
| 676 "purple", "ca-certs", NULL); | |
| 663 } | 677 } |
| 664 | 678 |
| 665 /* Populate the certificates pool from the system path */ | 679 /* Populate the certificates pool from the system path */ |
| 666 certdir = g_dir_open(x509_ca_syspath, 0, NULL); | 680 certdir = g_dir_open(x509_ca_syspath, 0, NULL); |
| 667 g_return_val_if_fail(certdir, FALSE); | 681 g_return_val_if_fail(certdir, FALSE); |