- Timestamp:
- 2011-12-29T20:30:43Z (13 years ago)
- Branches:
- master
- Children:
- 6451d27
- Parents:
- 3558fea
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
lib/ssl_gnutls.c
r3558fea r59cd92b 2 2 * BitlBee -- An IRC to other IM-networks gateway * 3 3 * * 4 * Copyright 2002-20 04Wilmer van der Gaast and others *4 * Copyright 2002-2011 Wilmer van der Gaast and others * 5 5 \********************************************************************/ 6 6 … … 38 38 39 39 static gboolean initialized = FALSE; 40 gnutls_certificate_credentials xcred; 40 41 41 42 #include <limits.h> … … 60 61 61 62 gnutls_session session; 62 gnutls_certificate_credentials xcred;63 63 }; 64 64 … … 67 67 static gboolean ssl_handshake( gpointer data, gint source, b_input_condition cond ); 68 68 69 static void ssl_deinit( void ); 69 70 70 71 void ssl_init( void ) … … 74 75 75 76 gnutls_global_init(); 77 gnutls_certificate_allocate_credentials( &xcred ); 78 if( global.conf->cafile ) 79 { 80 gnutls_certificate_set_x509_trust_file( xcred, global.conf->cafile, GNUTLS_X509_FMT_PEM ); 81 /* TODO: Do we want/need this? */ 82 gnutls_certificate_set_verify_flags( xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT ); 83 } 76 84 initialized = TRUE; 77 atexit( gnutls_global_deinit ); 85 86 atexit( ssl_deinit ); 87 } 88 89 static void ssl_deinit( void ) 90 { 91 gnutls_global_deinit(); 92 gnutls_certificate_free_credentials( xcred ); 78 93 } 79 94 … … 145 160 const char *hostname; 146 161 147 hostname = gnutls_session_get_ptr( session );162 hostname = gnutls_session_get_ptr( session ); 148 163 149 164 gnutlsret = gnutls_certificate_verify_peers2( session, &status ); … … 245 260 ssl_init(); 246 261 247 gnutls_certificate_allocate_credentials( &conn->xcred );248 if( conn->verify && global.conf->cafile )249 {250 gnutls_certificate_set_x509_trust_file( conn->xcred, global.conf->cafile, GNUTLS_X509_FMT_PEM );251 gnutls_certificate_set_verify_flags( conn->xcred, GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT );252 }253 254 262 gnutls_init( &conn->session, GNUTLS_CLIENT ); 255 263 if( conn->verify ) … … 259 267 #endif 260 268 gnutls_set_default_priority( conn->session ); 261 gnutls_credentials_set( conn->session, GNUTLS_CRD_CERTIFICATE, conn->xcred );269 gnutls_credentials_set( conn->session, GNUTLS_CRD_CERTIFICATE, xcred ); 262 270 263 271 sock_make_nonblocking( conn->fd ); … … 284 292 285 293 gnutls_deinit( conn->session ); 286 gnutls_certificate_free_credentials( conn->xcred );287 294 closesocket( conn->fd ); 288 295 … … 297 304 298 305 gnutls_deinit( conn->session ); 299 gnutls_certificate_free_credentials( conn->xcred );300 306 closesocket( conn->fd ); 301 307 … … 385 391 if( conn->session ) 386 392 gnutls_deinit( conn->session ); 387 if( conn->xcred )388 gnutls_certificate_free_credentials( conn->xcred );389 393 g_free( conn ); 390 394 }
Note: See TracChangeset
for help on using the changeset viewer.