Changeset 792a93b for lib/ssl_nss.c


Timestamp:
2011-12-23T12:44:08Z (12 years ago)
Author:
Wilmer van der Gaast <wilmer@…>
Branches:
master
Children:
200e151
Parents:
2d93a51e (diff), 41658da (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Merging SSL certificate verification for GnuTLS, with help from AopicieR.

File:
1 edited

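--- a/lib/ssl_nss.c
+++ b/lib/ssl_nss.c
@@ -52,4 +52,5 @@
         PRFileDesc *prfd;
         gboolean established;
+        gboolean verify;
 };
 
@@ -102,5 +103,5 @@
 }
 
-void *ssl_connect( char *host, int port, ssl_input_function func, gpointer data )
+void *ssl_connect( char *host, int port, gboolean verify, ssl_input_function func, gpointer data )
 {
         struct scd *conn = g_new0( struct scd, 1 );
@@ -132,5 +133,5 @@
 }
 
-void *ssl_starttls( int fd, ssl_input_function func, gpointer data )
+void *ssl_starttls( int fd, char *hostname, gboolean verify, ssl_input_function func, gpointer data )
 {
         struct scd *conn = g_new0( struct scd, 1 );
@@ -139,4 +140,5 @@
         conn->func = func;
         conn->data = data;
+        conn->verify = verify;
 
         /* This function should be called via a (short) timeout instead of
@@ -157,4 +159,16 @@
 {
         struct scd *conn = data;
+       
+        /* Right now we don't have any verification functionality for nss so we
+           fail in case verification has been requested by the user. */
+
+        if( conn->verify )
+        {
+                conn->func( conn->data, NSS_VERIFY_ERROR, NULL, cond );
+                if( source >= 0 ) closesocket( source );
+                g_free( conn );
+
+                return FALSE;
+        }
        
         if( source == -1 )
@@ -177,10 +191,10 @@
        
         conn->established = TRUE;
-        conn->func( conn->data, conn, cond );
+        conn->func( conn->data, 0, conn, cond );
         return FALSE;
        
         ssl_connected_failure:
        
-        conn->func( conn->data, NULL, cond );
+        conn->func( conn->data, 0, NULL, cond );
        
         PR_Close( conn -> prfd );
@@ -238,2 +252,7 @@
         return B_EV_IO_READ;
 }
+
+char *ssl_verify_strerror( int code )
+{
+        return g_strdup( "SSL certificate verification not supported by BitlBee NSS code." );
+}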
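Review bot: `ssl_connect()` gains a `verify` parameter (new line 105), but no displayed line stores it in the connection, so with the zero-filled `g_new0` struct `conn->verify` stays FALSE on that path and the refusal added at new lines 165-172 never fires. A caller that asks for certificate verification through `ssl_connect()` would then get an unverified NSS session instead of `NSS_VERIFY_ERROR`, which is a fail-open. The only visible assignment is `conn->verify = verify;` at new line 142, which appears to sit in `ssl_starttls()`. Assuming the undisplayed lines 108-132 are unchanged, add `conn->verify = verify;` in `ssl_connect()` next to where `conn->func` and `conn->data` are set, before the connection is started. Both function bodies continue outside the displayed hunks, so this should be confirmed against the full file.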