libpurple/plugins/ssl/ssl-nss.c@772b691e901b (annotated)
libpurple/plugins/ssl/ssl-nss.c
Sat, 18 Aug 2007 05:54:49 +0000
- author
- William Ehlhardt <williamehlhardt@gmail.com>
- date
- Sat, 18 Aug 2007 05:54:49 +0000
- branch
- soc.2007.certmgr
- changeset 19489
- 772b691e901b
- parent 19486
- 83d0375f1784
- child 19671
- 3848f6f679fd
- permissions
- -rw-r--r--
- Add purple_certificate_display_x509
| 7016 | 1 | /** |
| 2 | * @file ssl-nss.c Mozilla NSS SSL plugin. | |
| 3 | * | |
| 15884 | 4 | * purple |
| 7016 | 5 | * |
| 6 | * Copyright (C) 2003 Christian Hammond <chipx86@gnupdate.org> | |
| 7 | * | |
| 8 | * This program is free software; you can redistribute it and/or modify | |
| 9 | * it under the terms of the GNU General Public License as published by | |
| 10 | * the Free Software Foundation; either version 2 of the License, or | |
| 11 | * (at your option) any later version. | |
| 12 | * | |
| 13 | * This program is distributed in the hope that it will be useful, | |
| 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 16 | * GNU General Public License for more details. | |
| 17 | * | |
| 18 | * You should have received a copy of the GNU General Public License | |
| 19 | * along with this program; if not, write to the Free Software | |
| 20 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
| 21 | */ | |
| 22 | #include "internal.h" | |
|
7051
8ddb8f560399
[gaim-migrate @ 7614]
Christian Hammond <chipx86@chipx86.com>
parents:
7050
diff
changeset
|
23 | #include "debug.h" |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
24 | #include "certificate.h" |
| 7016 | 25 | #include "plugin.h" |
|
7051
8ddb8f560399
[gaim-migrate @ 7614]
Christian Hammond <chipx86@chipx86.com>
parents:
7050
diff
changeset
|
26 | #include "sslconn.h" |
| 9943 | 27 | #include "version.h" |
| 7016 | 28 | |
|
7029
fe690e0607ec
[gaim-migrate @ 7592]
Christian Hammond <chipx86@chipx86.com>
parents:
7028
diff
changeset
|
29 | #define SSL_NSS_PLUGIN_ID "ssl-nss" |
| 7016 | 30 | |
| 31 | #ifdef HAVE_NSS | |
| 32 | ||
|
9582
68facdf2b52d
[gaim-migrate @ 10425]
Christian Hammond <chipx86@chipx86.com>
parents:
8749
diff
changeset
|
33 | #undef HAVE_LONG_LONG /* Make Mozilla less angry. If angry, Mozilla SMASH! */ |
|
68facdf2b52d
[gaim-migrate @ 10425]
Christian Hammond <chipx86@chipx86.com>
parents:
8749
diff
changeset
|
34 | |
| 7016 | 35 | #include <nspr.h> |
| 36 | #include <nss.h> | |
| 37 | #include <pk11func.h> | |
| 38 | #include <prio.h> | |
| 39 | #include <secerr.h> | |
| 40 | #include <secmod.h> | |
| 41 | #include <ssl.h> | |
| 42 | #include <sslerr.h> | |
| 43 | #include <sslproto.h> | |
| 44 | ||
|
17673
efba6798f37e
Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
17623
diff
changeset
|
45 | /* This is defined in NSPR's <private/pprio.h>, but to avoid including a |
|
efba6798f37e
Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
17623
diff
changeset
|
46 | * private header we duplicate the prototype here */ |
|
efba6798f37e
Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
17623
diff
changeset
|
47 | NSPR_API(PRFileDesc*) PR_ImportTCPSocket(PRInt32 osfd); |
|
efba6798f37e
Avoid including NSPR's private header pprio.h just for the prototype of
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
17623
diff
changeset
|
48 | |
| 7016 | 49 | typedef struct |
| 50 | { | |
| 51 | PRFileDesc *fd; | |
| 52 | PRFileDesc *in; | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
53 | guint handshake_handler; |
| 7016 | 54 | |
| 15884 | 55 | } PurpleSslNssData; |
| 7016 | 56 | |
| 15884 | 57 | #define PURPLE_SSL_NSS_DATA(gsc) ((PurpleSslNssData *)gsc->private_data) |
| 7016 | 58 | |
| 59 | static const PRIOMethods *_nss_methods = NULL; | |
| 60 | static PRDescIdentity _identity; | |
| 61 | ||
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
62 | /* Thank you, Evolution */ |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
63 | static void |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
64 | set_errno(int code) |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
65 | { |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
66 | /* FIXME: this should handle more. */ |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
67 | switch (code) { |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
68 | case PR_INVALID_ARGUMENT_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
69 | errno = EINVAL; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
70 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
71 | case PR_PENDING_INTERRUPT_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
72 | errno = EINTR; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
73 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
74 | case PR_IO_PENDING_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
75 | errno = EAGAIN; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
76 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
77 | case PR_WOULD_BLOCK_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
78 | errno = EAGAIN; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
79 | /*errno = EWOULDBLOCK; */ |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
80 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
81 | case PR_IN_PROGRESS_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
82 | errno = EINPROGRESS; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
83 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
84 | case PR_ALREADY_INITIATED_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
85 | errno = EALREADY; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
86 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
87 | case PR_NETWORK_UNREACHABLE_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
88 | errno = EHOSTUNREACH; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
89 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
90 | case PR_CONNECT_REFUSED_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
91 | errno = ECONNREFUSED; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
92 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
93 | case PR_CONNECT_TIMEOUT_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
94 | case PR_IO_TIMEOUT_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
95 | errno = ETIMEDOUT; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
96 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
97 | case PR_NOT_CONNECTED_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
98 | errno = ENOTCONN; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
99 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
100 | case PR_CONNECT_RESET_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
101 | errno = ECONNRESET; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
102 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
103 | case PR_IO_ERROR: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
104 | default: |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
105 | errno = EIO; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
106 | break; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
107 | } |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
108 | } |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
109 | |
|
7993
3bfea94dd0eb
[gaim-migrate @ 8670]
Christian Hammond <chipx86@chipx86.com>
parents:
7862
diff
changeset
|
110 | static void |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
111 | ssl_nss_init_nss(void) |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
112 | { |
|
10519
80801a34a246
[gaim-migrate @ 11833]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
10263
diff
changeset
|
113 | char *lib; |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
114 | PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); |
|
16866
2187f9250a16
Proabably fixes ticket #578, it's the recommended way of initializing NSS
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
16744
diff
changeset
|
115 | NSS_NoDB_Init("."); |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
116 | |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
117 | /* TODO: Fix this so autoconf does the work trying to find this lib. */ |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
118 | #ifndef _WIN32 |
| 16158 | 119 | lib = g_strdup(LIBDIR "/libnssckbi.so"); |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
120 | #else |
|
10519
80801a34a246
[gaim-migrate @ 11833]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
10263
diff
changeset
|
121 | lib = g_strdup("nssckbi.dll"); |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
122 | #endif |
|
10519
80801a34a246
[gaim-migrate @ 11833]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
10263
diff
changeset
|
123 | SECMOD_AddNewModule("Builtins", lib, 0, 0); |
|
80801a34a246
[gaim-migrate @ 11833]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
10263
diff
changeset
|
124 | g_free(lib); |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
125 | NSS_SetDomesticPolicy(); |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
126 | |
| 15884 | 127 | _identity = PR_GetUniqueIdentity("Purple"); |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
128 | _nss_methods = PR_GetDefaultIOMethods(); |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
129 | } |
|
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
130 | |
| 7016 | 131 | static SECStatus |
| 132 | ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig, | |
| 133 | PRBool is_server) | |
| 134 | { | |
| 135 | return SECSuccess; | |
| 136 | ||
| 137 | #if 0 | |
| 138 | CERTCertificate *cert; | |
| 139 | void *pinArg; | |
| 140 | SECStatus status; | |
| 141 | ||
| 142 | cert = SSL_PeerCertificate(socket); | |
| 143 | pinArg = SSL_RevealPinArg(socket); | |
| 144 | ||
| 145 | status = CERT_VerifyCertNow((CERTCertDBHandle *)arg, cert, checksig, | |
| 146 | certUsageSSLClient, pinArg); | |
| 147 | ||
| 148 | if (status != SECSuccess) { | |
| 15884 | 149 | purple_debug_error("nss", "CERT_VerifyCertNow failed\n"); |
| 7016 | 150 | CERT_DestroyCertificate(cert); |
| 151 | return status; | |
| 152 | } | |
| 153 | ||
| 154 | CERT_DestroyCertificate(cert); | |
| 155 | return SECSuccess; | |
| 156 | #endif | |
| 157 | } | |
| 158 | ||
| 159 | static SECStatus | |
| 160 | ssl_bad_cert(void *arg, PRFileDesc *socket) | |
| 161 | { | |
| 162 | SECStatus status = SECFailure; | |
| 163 | PRErrorCode err; | |
| 164 | ||
| 165 | if (arg == NULL) | |
| 166 | return status; | |
| 167 | ||
| 168 | *(PRErrorCode *)arg = err = PORT_GetError(); | |
| 169 | ||
| 170 | switch (err) | |
| 171 | { | |
| 172 | case SEC_ERROR_INVALID_AVA: | |
| 173 | case SEC_ERROR_INVALID_TIME: | |
| 174 | case SEC_ERROR_BAD_SIGNATURE: | |
| 175 | case SEC_ERROR_EXPIRED_CERTIFICATE: | |
| 176 | case SEC_ERROR_UNKNOWN_ISSUER: | |
| 177 | case SEC_ERROR_UNTRUSTED_CERT: | |
| 178 | case SEC_ERROR_CERT_VALID: | |
| 179 | case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: | |
| 180 | case SEC_ERROR_CRL_EXPIRED: | |
| 181 | case SEC_ERROR_CRL_BAD_SIGNATURE: | |
| 182 | case SEC_ERROR_EXTENSION_VALUE_INVALID: | |
| 183 | case SEC_ERROR_CA_CERT_INVALID: | |
| 184 | case SEC_ERROR_CERT_USAGES_INVALID: | |
| 185 | case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION: | |
| 186 | status = SECSuccess; | |
| 187 | break; | |
| 188 | ||
| 189 | default: | |
| 190 | status = SECFailure; | |
| 191 | break; | |
| 192 | } | |
| 193 | ||
| 15884 | 194 | purple_debug_error("nss", "Bad certificate: %d\n", err); |
| 7016 | 195 | |
| 196 | return status; | |
| 197 | } | |
| 198 | ||
| 199 | static gboolean | |
| 200 | ssl_nss_init(void) | |
| 201 | { | |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
202 | return TRUE; |
| 7016 | 203 | } |
| 204 | ||
| 205 | static void | |
| 206 | ssl_nss_uninit(void) | |
| 207 | { | |
| 208 | PR_Cleanup(); | |
| 209 | ||
| 210 | _nss_methods = NULL; | |
| 211 | } | |
| 212 | ||
| 213 | static void | |
| 15884 | 214 | ssl_nss_handshake_cb(gpointer data, int fd, PurpleInputCondition cond) |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
215 | { |
| 15884 | 216 | PurpleSslConnection *gsc = (PurpleSslConnection *)data; |
| 217 | PurpleSslNssData *nss_data = gsc->private_data; | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
218 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
219 | /* I don't think this the best way to do this... |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
220 | * It seems to work because it'll eventually use the cached value |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
221 | */ |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
222 | if(SSL_ForceHandshake(nss_data->in) != SECSuccess) { |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
223 | set_errno(PR_GetError()); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
224 | if (errno == EAGAIN || errno == EWOULDBLOCK) |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
225 | return; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
226 | |
| 15884 | 227 | purple_debug_error("nss", "Handshake failed %d\n", PR_GetError()); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
228 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
229 | if (gsc->error_cb != NULL) |
| 15884 | 230 | gsc->error_cb(gsc, PURPLE_SSL_HANDSHAKE_FAILED, gsc->connect_cb_data); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
231 | |
| 15884 | 232 | purple_ssl_close(gsc); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
233 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
234 | return; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
235 | } |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
236 | |
| 15884 | 237 | purple_input_remove(nss_data->handshake_handler); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
238 | nss_data->handshake_handler = 0; |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
239 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
240 | gsc->connect_cb(gsc->connect_cb_data, gsc, cond); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
241 | } |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
242 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
243 | static void |
| 15884 | 244 | ssl_nss_connect(PurpleSslConnection *gsc) |
| 7016 | 245 | { |
| 15884 | 246 | PurpleSslNssData *nss_data = g_new0(PurpleSslNssData, 1); |
| 7016 | 247 | PRSocketOptionData socket_opt; |
| 248 | ||
| 249 | gsc->private_data = nss_data; | |
| 250 | ||
| 251 | nss_data->fd = PR_ImportTCPSocket(gsc->fd); | |
| 252 | ||
| 253 | if (nss_data->fd == NULL) | |
| 254 | { | |
| 15884 | 255 | purple_debug_error("nss", "nss_data->fd == NULL!\n"); |
| 7016 | 256 | |
| 8362 | 257 | if (gsc->error_cb != NULL) |
| 15884 | 258 | gsc->error_cb(gsc, PURPLE_SSL_CONNECT_FAILED, gsc->connect_cb_data); |
| 8362 | 259 | |
| 15884 | 260 | purple_ssl_close((PurpleSslConnection *)gsc); |
| 7016 | 261 | |
| 262 | return; | |
| 263 | } | |
| 264 | ||
| 265 | socket_opt.option = PR_SockOpt_Nonblocking; | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
266 | socket_opt.value.non_blocking = PR_TRUE; |
| 7016 | 267 | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
268 | if (PR_SetSocketOption(nss_data->fd, &socket_opt) != PR_SUCCESS) |
| 15884 | 269 | purple_debug_warning("nss", "unable to set socket into non-blocking mode: %d\n", PR_GetError()); |
| 7016 | 270 | |
| 271 | nss_data->in = SSL_ImportFD(NULL, nss_data->fd); | |
| 272 | ||
| 273 | if (nss_data->in == NULL) | |
| 274 | { | |
| 15884 | 275 | purple_debug_error("nss", "nss_data->in == NUL!\n"); |
| 7016 | 276 | |
| 8362 | 277 | if (gsc->error_cb != NULL) |
| 15884 | 278 | gsc->error_cb(gsc, PURPLE_SSL_CONNECT_FAILED, gsc->connect_cb_data); |
| 8362 | 279 | |
| 15884 | 280 | purple_ssl_close((PurpleSslConnection *)gsc); |
| 7016 | 281 | |
| 282 | return; | |
| 283 | } | |
| 284 | ||
| 285 | SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE); | |
| 286 | SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE); | |
| 287 | ||
| 288 | SSL_AuthCertificateHook(nss_data->in, | |
| 289 | (SSLAuthCertificate)ssl_auth_cert, | |
| 290 | (void *)CERT_GetDefaultCertDB()); | |
| 291 | SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL); | |
| 292 | ||
| 7157 | 293 | if(gsc->host) |
| 294 | SSL_SetURL(nss_data->in, gsc->host); | |
| 7016 | 295 | |
|
13264
f5db933aa42a
[gaim-migrate @ 15629]
Björn Voigt <bjoern@cs.tu-berlin.de>
parents:
13201
diff
changeset
|
296 | #if 0 |
|
f5db933aa42a
[gaim-migrate @ 15629]
Björn Voigt <bjoern@cs.tu-berlin.de>
parents:
13201
diff
changeset
|
297 | /* This seems like it'd the be the correct way to implement the |
|
f5db933aa42a
[gaim-migrate @ 15629]
Björn Voigt <bjoern@cs.tu-berlin.de>
parents:
13201
diff
changeset
|
298 | nonblocking stuff, but it doesn't seem to work */ |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
299 | SSL_HandshakeCallback(nss_data->in, |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
300 | (SSLHandshakeCallback) ssl_nss_handshake_cb, gsc); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
301 | #endif |
| 7016 | 302 | SSL_ResetHandshake(nss_data->in, PR_FALSE); |
| 303 | ||
| 15884 | 304 | nss_data->handshake_handler = purple_input_add(gsc->fd, |
| 305 | PURPLE_INPUT_READ, ssl_nss_handshake_cb, gsc); | |
|
7274
42ec5f56e32a
[gaim-migrate @ 7851]
Christian Hammond <chipx86@chipx86.com>
parents:
7157
diff
changeset
|
306 | |
| 15884 | 307 | ssl_nss_handshake_cb(gsc, gsc->fd, PURPLE_INPUT_READ); |
| 7016 | 308 | } |
| 309 | ||
| 310 | static void | |
| 15884 | 311 | ssl_nss_close(PurpleSslConnection *gsc) |
| 7016 | 312 | { |
| 15884 | 313 | PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); |
| 7016 | 314 | |
| 7467 | 315 | if(!nss_data) |
| 316 | return; | |
| 317 | ||
|
17623
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
318 | if (nss_data->in) { |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
319 | PR_Close(nss_data->in); |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
320 | gsc->fd = -1; |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
321 | } else if (nss_data->fd) { |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
322 | PR_Close(nss_data->fd); |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
323 | gsc->fd = -1; |
|
4f45361d7e3b
A while ago, "Paranoid" emailed devel@p.i, having noticed that purple_ssl_close() closes the ssl fd twice. I meant to commit this fix sooner, but here it is.
Daniel Atallah <datallah@pidgin.im>
parents:
16866
diff
changeset
|
324 | } |
| 7016 | 325 | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
326 | if (nss_data->handshake_handler) |
| 15884 | 327 | purple_input_remove(nss_data->handshake_handler); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
328 | |
| 7016 | 329 | g_free(nss_data); |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
330 | gsc->private_data = NULL; |
| 7016 | 331 | } |
| 332 | ||
| 333 | static size_t | |
| 15884 | 334 | ssl_nss_read(PurpleSslConnection *gsc, void *data, size_t len) |
| 7016 | 335 | { |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
336 | ssize_t ret; |
| 15884 | 337 | PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); |
| 7016 | 338 | |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
339 | ret = PR_Read(nss_data->in, data, len); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
340 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
341 | if (ret == -1) |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
342 | set_errno(PR_GetError()); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
343 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
344 | return ret; |
| 7016 | 345 | } |
| 346 | ||
| 347 | static size_t | |
| 15884 | 348 | ssl_nss_write(PurpleSslConnection *gsc, const void *data, size_t len) |
| 7016 | 349 | { |
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
350 | ssize_t ret; |
| 15884 | 351 | PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); |
| 7016 | 352 | |
| 7467 | 353 | if(!nss_data) |
| 354 | return 0; | |
| 355 | ||
|
13201
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
356 | ret = PR_Write(nss_data->in, data, len); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
357 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
358 | if (ret == -1) |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
359 | set_errno(PR_GetError()); |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
360 | |
|
8c224ef70efa
[gaim-migrate @ 15563]
Daniel Atallah <datallah@pidgin.im>
parents:
12209
diff
changeset
|
361 | return ret; |
| 7016 | 362 | } |
| 363 | ||
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
364 | static GList * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
365 | ssl_nss_peer_certs(PurpleSslConnection *gsc) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
366 | { |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
367 | PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
368 | GList *chain = NULL; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
369 | CERTCertificate *cert; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
370 | void *pinArg; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
371 | SECStatus status; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
372 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
373 | /* TODO: this is a blind guess */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
374 | cert = SSL_PeerCertificate(nss_data->fd); |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
375 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
376 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
377 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
378 | return NULL; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
379 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
380 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
381 | /************************************************************************/ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
382 | /* X.509 functionality */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
383 | /************************************************************************/ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
384 | static PurpleCertificateScheme x509_nss; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
385 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
386 | /** Helpr macro to retrieve the NSS certdata from a PurpleCertificate */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
387 | #define X509_NSS_DATA(pcrt) ( (CERTCertificate * ) (pcrt->data) ) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
388 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
389 | /** Imports a PEM-formatted X.509 certificate from the specified file. |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
390 | * @param filename Filename to import from. Format is PEM |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
391 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
392 | * @return A newly allocated Certificate structure of the x509_gnutls scheme |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
393 | */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
394 | static PurpleCertificate * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
395 | x509_import_from_file(const gchar *filename) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
396 | { |
|
19486
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
397 | gchar *rawcert; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
398 | gsize len = 0; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
399 | CERTCertificate *crt_dat; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
400 | PurpleCertificate *crt; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
401 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
402 | g_return_val_if_fail(filename, NULL); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
403 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
404 | purple_debug_info("nss/x509", |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
405 | "Loading certificate from %s\n", |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
406 | filename); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
407 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
408 | /* Load the raw data up */ |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
409 | g_return_val_if_fail( |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
410 | g_file_get_contents(filename, |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
411 | &rawcert, &len, |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
412 | NULL ), |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
413 | NULL); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
414 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
415 | /* Decode the certificate */ |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
416 | crt_dat = CERT_DecodeCertFromPackage(rawcert, len); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
417 | g_free(rawcert); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
418 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
419 | g_return_val_if_fail(crt_dat, NULL); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
420 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
421 | crt = g_new0(PurpleCertificate, 1); |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
422 | crt->scheme = &x509_nss; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
423 | crt->data = crt_dat; |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
424 | |
|
83d0375f1784
- Add x509_import_from_file
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19485
diff
changeset
|
425 | return crt; |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
426 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
427 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
428 | /** |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
429 | * Exports a PEM-formatted X.509 certificate to the specified file. |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
430 | * @param filename Filename to export to. Format will be PEM |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
431 | * @param crt Certificate to export |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
432 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
433 | * @return TRUE if success, otherwise FALSE |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
434 | */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
435 | static gboolean |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
436 | x509_export_certificate(const gchar *filename, PurpleCertificate *crt) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
437 | { |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
438 | /* TODO: WRITEME */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
439 | return FALSE; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
440 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
441 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
442 | static PurpleCertificate * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
443 | x509_copy_certificate(PurpleCertificate *crt) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
444 | { |
|
19009
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
445 | CERTCertificate *crt_dat; |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
446 | PurpleCertificate *newcrt; |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
447 | |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
448 | g_return_val_if_fail(crt, NULL); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
449 | g_return_val_if_fail(crt->scheme == &x509_nss, NULL); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
450 | |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
451 | crt_dat = X509_NSS_DATA(crt); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
452 | g_return_val_if_fail(crt_dat, NULL); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
453 | |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
454 | /* Create the certificate copy */ |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
455 | newcrt = g_new0(PurpleCertificate, 1); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
456 | newcrt->scheme = &x509_nss; |
|
19023
547e94194c7a
- Comment on NSS's refcounting prowess
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
457 | /* NSS does refcounting automatically */ |
|
19009
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
458 | newcrt->data = CERT_DupCertificate(crt_dat); |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
459 | |
|
01fe9523e6d6
- x509_nss copy op
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19008
diff
changeset
|
460 | return newcrt; |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
461 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
462 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
463 | /** Frees a Certificate |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
464 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
465 | * Destroys a Certificate's internal data structures and frees the pointer |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
466 | * given. |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
467 | * @param crt Certificate instance to be destroyed. It WILL NOT be destroyed |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
468 | * if it is not of the correct CertificateScheme. Can be NULL |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
469 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
470 | */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
471 | static void |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
472 | x509_destroy_certificate(PurpleCertificate * crt) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
473 | { |
|
19010
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
474 | CERTCertificate *crt_dat; |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
475 | |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
476 | g_return_if_fail(crt); |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
477 | g_return_if_fail(crt->scheme == &x509_nss); |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
478 | |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
479 | crt_dat = X509_NSS_DATA(crt); |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
480 | g_return_if_fail(crt_dat); |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
481 | |
|
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
482 | /* Finally we have the certificate. So let's kill it */ |
|
19023
547e94194c7a
- Comment on NSS's refcounting prowess
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19014
diff
changeset
|
483 | /* NSS does refcounting automatically */ |
|
19010
ad839d846fae
- x509_nss destroy_certificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19009
diff
changeset
|
484 | CERT_DestroyCertificate(crt_dat); |
|
19027
921b7e331382
- x509_destroy_certificate is supposed to free the PurpleCertificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
485 | |
|
921b7e331382
- x509_destroy_certificate is supposed to free the PurpleCertificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
486 | /* Delete the PurpleCertificate as well */ |
|
921b7e331382
- x509_destroy_certificate is supposed to free the PurpleCertificate
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19023
diff
changeset
|
487 | g_free(crt); |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
488 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
489 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
490 | /** Determines whether one certificate has been issued and signed by another |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
491 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
492 | * @param crt Certificate to check the signature of |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
493 | * @param issuer Issuer's certificate |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
494 | * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
495 | * @return TRUE if crt was signed and issued by issuer, otherwise FALSE |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
496 | * @TODO Modify this function to return a reason for invalidity? |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
497 | */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
498 | static gboolean |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
499 | x509_certificate_signed_by(PurpleCertificate * crt, |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
500 | PurpleCertificate * issuer) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
501 | { |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
502 | return FALSE; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
503 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
504 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
505 | static GByteArray * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
506 | x509_sha1sum(PurpleCertificate *crt) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
507 | { |
|
19014
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
508 | CERTCertificate *crt_dat; |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
509 | size_t hashlen = 20; /* Size of an sha1sum */ |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
510 | GByteArray *sha1sum; |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
511 | SECItem *derCert; /* DER representation of the cert */ |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
512 | SECStatus st; |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
513 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
514 | g_return_val_if_fail(crt, NULL); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
515 | g_return_val_if_fail(crt->scheme == &x509_nss, NULL); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
516 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
517 | crt_dat = X509_NSS_DATA(crt); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
518 | g_return_val_if_fail(crt_dat, NULL); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
519 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
520 | /* Get the certificate DER representation */ |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
521 | derCert = &(crt_dat->derCert); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
522 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
523 | /* Make a hash! */ |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
524 | sha1sum = g_byte_array_sized_new(hashlen); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
525 | st = PK11_HashBuf(SEC_OID_SHA1, sha1sum->data, |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
526 | derCert->data, derCert->len); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
527 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
528 | /* Check for errors */ |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
529 | if (st != SECSuccess) { |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
530 | g_byte_array_free(sha1sum, TRUE); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
531 | purple_debug_error("nss/x509", |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
532 | "Error: hashing failed!\n"); |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
533 | return NULL; |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
534 | } |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
535 | |
|
1a67cc27fb12
- x509_nss sha1sum
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19013
diff
changeset
|
536 | return sha1sum; |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
537 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
538 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
539 | static gchar * |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
540 | x509_common_name (PurpleCertificate *crt) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
541 | { |
|
19011
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
542 | CERTCertificate *crt_dat; |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
543 | char *nss_cn; |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
544 | gchar *ret_cn; |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
545 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
546 | g_return_val_if_fail(crt, NULL); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
547 | g_return_val_if_fail(crt->scheme == &x509_nss, NULL); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
548 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
549 | crt_dat = X509_NSS_DATA(crt); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
550 | g_return_val_if_fail(crt_dat, NULL); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
551 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
552 | /* Q: |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
553 | Why get a newly allocated string out of NSS, strdup it, and then |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
554 | return the new copy? |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
555 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
556 | A: |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
557 | The NSS LXR docs state that I should use the NSPR free functions on |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
558 | the strings that the NSS cert functions return. Since the libpurple |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
559 | API expects a g_free()-able string, we make our own copy and return |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
560 | that. |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
561 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
562 | NSPR is something of a prima donna. */ |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
563 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
564 | nss_cn = CERT_GetCommonName( &(crt_dat->subject) ); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
565 | ret_cn = g_strdup(nss_cn); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
566 | PORT_Free(nss_cn); |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
567 | |
|
21cdaee203e8
- x509_nss get_subject_name (x509_common_name)
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19010
diff
changeset
|
568 | return ret_cn; |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
569 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
570 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
571 | static gboolean |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
572 | x509_check_name (PurpleCertificate *crt, const gchar *name) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
573 | { |
|
19012
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
574 | CERTCertificate *crt_dat; |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
575 | SECStatus st; |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
576 | |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
577 | g_return_val_if_fail(crt, FALSE); |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
578 | g_return_val_if_fail(crt->scheme == &x509_nss, FALSE); |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
579 | |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
580 | crt_dat = X509_NSS_DATA(crt); |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
581 | g_return_val_if_fail(crt_dat, FALSE); |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
582 | |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
583 | st = CERT_VerifyCertName(crt_dat, name); |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
584 | |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
585 | if (st == SECSuccess) { |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
586 | return TRUE; |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
587 | } |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
588 | else if (st == SECFailure) { |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
589 | return FALSE; |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
590 | } |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
591 | |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
592 | /* If we get here...bad things! */ |
|
7813c38f34e9
- ssl-nss x509_nss check_name
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19011
diff
changeset
|
593 | g_assert(FALSE); |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
594 | return FALSE; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
595 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
596 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
597 | static gboolean |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
598 | x509_times (PurpleCertificate *crt, time_t *activation, time_t *expiration) |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
599 | { |
|
19013
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
600 | CERTCertificate *crt_dat; |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
601 | PRTime nss_activ, nss_expir; |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
602 | |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
603 | g_return_val_if_fail(crt, FALSE); |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
604 | g_return_val_if_fail(crt->scheme == &x509_nss, FALSE); |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
605 | |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
606 | crt_dat = X509_NSS_DATA(crt); |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
607 | g_return_val_if_fail(crt_dat, FALSE); |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
608 | |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
609 | /* Extract the times into ugly PRTime thingies */ |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
610 | /* TODO: Maybe this shouldn't throw an error? */ |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
611 | g_return_val_if_fail( |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
612 | SECSuccess == CERT_GetCertTimes(crt_dat, |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
613 | &nss_activ, &nss_expir), |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
614 | FALSE); |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
615 | |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
616 | if (activation) { |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
617 | *activation = nss_activ; |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
618 | } |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
619 | if (expiration) { |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
620 | *expiration = nss_expir; |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
621 | } |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
622 | |
|
60c74d9597f3
- x509_nss get_times
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19012
diff
changeset
|
623 | return TRUE; |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
624 | } |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
625 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
626 | static PurpleCertificateScheme x509_nss = { |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
627 | "x509", /* Scheme name */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
628 | N_("X.509 Certificates"), /* User-visible scheme name */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
629 | x509_import_from_file, /* Certificate import function */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
630 | x509_export_certificate, /* Certificate export function */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
631 | x509_copy_certificate, /* Copy */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
632 | x509_destroy_certificate, /* Destroy cert */ |
|
19485
502d308e4438
- Fill out the x509_nss struct properly
William Ehlhardt <williamehlhardt@gmail.com>
parents:
19027
diff
changeset
|
633 | NULL, /* Signed-by */ |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
634 | x509_sha1sum, /* SHA1 fingerprint */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
635 | NULL, /* Unique ID */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
636 | NULL, /* Issuer Unique ID */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
637 | x509_common_name, /* Subject name */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
638 | x509_check_name, /* Check subject name */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
639 | x509_times /* Activation/Expiration time */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
640 | }; |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
641 | |
| 15884 | 642 | static PurpleSslOps ssl_ops = |
| 7016 | 643 | { |
| 644 | ssl_nss_init, | |
| 645 | ssl_nss_uninit, | |
|
14222
71d8761db708
[gaim-migrate @ 16808]
Mark Doliner <markdoliner@pidgin.im>
parents:
13530
diff
changeset
|
646 | ssl_nss_connect, |
| 7016 | 647 | ssl_nss_close, |
| 648 | ssl_nss_read, | |
|
16744
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
649 | ssl_nss_write, |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
650 | ssl_nss_peer_certs, |
|
16744
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
651 | |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
652 | /* padding */ |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
653 | NULL, |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
654 | NULL, |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
655 | NULL |
| 7016 | 656 | }; |
| 657 | ||
| 658 | #endif /* HAVE_NSS */ | |
| 659 | ||
| 660 | ||
| 661 | static gboolean | |
| 15884 | 662 | plugin_load(PurplePlugin *plugin) |
| 7016 | 663 | { |
| 664 | #ifdef HAVE_NSS | |
| 15884 | 665 | if (!purple_ssl_get_ops()) { |
| 666 | purple_ssl_set_ops(&ssl_ops); | |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
667 | } |
| 7016 | 668 | |
| 11033 | 669 | /* Init NSS now, so others can use it even if sslconn never does */ |
| 670 | ssl_nss_init_nss(); | |
| 671 | ||
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
672 | /* Register the X.509 functions we provide */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
673 | purple_certificate_register_scheme(&x509_nss); |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
674 | |
| 7016 | 675 | return TRUE; |
| 676 | #else | |
| 677 | return FALSE; | |
| 678 | #endif | |
| 679 | } | |
| 680 | ||
| 681 | static gboolean | |
| 15884 | 682 | plugin_unload(PurplePlugin *plugin) |
| 7016 | 683 | { |
| 7053 | 684 | #ifdef HAVE_NSS |
| 15884 | 685 | if (purple_ssl_get_ops() == &ssl_ops) { |
| 686 | purple_ssl_set_ops(NULL); | |
|
7862
9b96706e44e7
[gaim-migrate @ 8516]
Bill Tompkins <obobo@users.sourceforge.net>
parents:
7467
diff
changeset
|
687 | } |
|
19008
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
688 | |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
689 | /* Unregister our X.509 functions */ |
|
222e4861b5a2
- Skeleton for ssl-nss x509 provider
William Ehlhardt <williamehlhardt@gmail.com>
parents:
17673
diff
changeset
|
690 | purple_certificate_unregister_scheme(&x509_nss); |
|
7050
12730863b0f9
[gaim-migrate @ 7613]
Christian Hammond <chipx86@chipx86.com>
parents:
7029
diff
changeset
|
691 | #endif |
|
12730863b0f9
[gaim-migrate @ 7613]
Christian Hammond <chipx86@chipx86.com>
parents:
7029
diff
changeset
|
692 | |
| 7016 | 693 | return TRUE; |
| 694 | } | |
| 695 | ||
| 15884 | 696 | static PurplePluginInfo info = |
| 7016 | 697 | { |
| 15884 | 698 | PURPLE_PLUGIN_MAGIC, |
| 699 | PURPLE_MAJOR_VERSION, | |
| 700 | PURPLE_MINOR_VERSION, | |
| 701 | PURPLE_PLUGIN_STANDARD, /**< type */ | |
| 7016 | 702 | NULL, /**< ui_requirement */ |
| 15884 | 703 | PURPLE_PLUGIN_FLAG_INVISIBLE, /**< flags */ |
| 7016 | 704 | NULL, /**< dependencies */ |
| 15884 | 705 | PURPLE_PRIORITY_DEFAULT, /**< priority */ |
| 7016 | 706 | |
|
7029
fe690e0607ec
[gaim-migrate @ 7592]
Christian Hammond <chipx86@chipx86.com>
parents:
7028
diff
changeset
|
707 | SSL_NSS_PLUGIN_ID, /**< id */ |
| 7016 | 708 | N_("NSS"), /**< name */ |
| 709 | VERSION, /**< version */ | |
| 710 | /** summary */ | |
| 711 | N_("Provides SSL support through Mozilla NSS."), | |
| 712 | /** description */ | |
| 713 | N_("Provides SSL support through Mozilla NSS."), | |
| 714 | "Christian Hammond <chipx86@gnupdate.org>", | |
| 15884 | 715 | PURPLE_WEBSITE, /**< homepage */ |
| 7016 | 716 | |
| 717 | plugin_load, /**< load */ | |
| 718 | plugin_unload, /**< unload */ | |
| 719 | NULL, /**< destroy */ | |
| 720 | ||
| 721 | NULL, /**< ui_info */ | |
|
11513
89bf8d856291
[gaim-migrate @ 13758]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
11256
diff
changeset
|
722 | NULL, /**< extra_info */ |
|
89bf8d856291
[gaim-migrate @ 13758]
Stu Tomlinson <nosnilmot@pidgin.im>
parents:
11256
diff
changeset
|
723 | NULL, /**< prefs_info */ |
|
16744
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
724 | NULL, /**< actions */ |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
725 | |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
726 | /* padding */ |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
727 | NULL, |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
728 | NULL, |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
729 | NULL, |
|
fcdab37ba1c2
Added NULL pads to ssl stuff
Gary Kramlich <grim@reaperworld.com>
parents:
16158
diff
changeset
|
730 | NULL |
| 7016 | 731 | }; |
| 732 | ||
| 733 | static void | |
| 15884 | 734 | init_plugin(PurplePlugin *plugin) |
| 7016 | 735 | { |
| 736 | } | |
| 737 | ||
| 15884 | 738 | PURPLE_INIT_PLUGIN(ssl_nss, init_plugin, info) |
