aboutsummaryrefslogtreecommitdiffstats
path: root/src/empathy-auth-client.c
diff options
context:
space:
mode:
authorStef Walter <stefw@collabora.co.uk>2011-03-18 18:59:02 +0800
committerStef Walter <stefw@collabora.co.uk>2011-03-18 18:59:02 +0800
commit3b10103f06517cd7bfbb1576daadaf4855b800a2 (patch)
tree7b9d0c12a74a876dad6e87d2a22dacfc405c7437 /src/empathy-auth-client.c
parent00f27e9c52f494cad1b36e0e106a129e884ac428 (diff)
downloadgsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar.gz
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar.bz2
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar.lz
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar.xz
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.tar.zst
gsoc2013-empathy-3b10103f06517cd7bfbb1576daadaf4855b800a2.zip
Use ServerTLSConnection.ReferenceIdentities to check cert identity.
The certificate identity can be checked against more than just one piece of information. Load and use all the reference identities to check the identity of the certificate. https://bugzilla.gnome.org/show_bug.cgi?id=645119
Diffstat (limited to 'src/empathy-auth-client.c')
-rw-r--r--src/empathy-auth-client.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/empathy-auth-client.c b/src/empathy-auth-client.c
index df2003495..56c977072 100644
--- a/src/empathy-auth-client.c
+++ b/src/empathy-auth-client.c
@@ -197,6 +197,7 @@ auth_factory_new_tls_handler_cb (EmpathyAuthFactory *factory,
{
EmpathyTLSCertificate *certificate = NULL;
gchar *hostname = NULL;
+ gchar **reference_identities = NULL;
EmpathyTLSVerifier *verifier;
DEBUG ("New TLS server handler received from the factory");
@@ -204,15 +205,18 @@ auth_factory_new_tls_handler_cb (EmpathyAuthFactory *factory,
g_object_get (handler,
"certificate", &certificate,
"hostname", &hostname,
+ "reference-identities", &reference_identities,
NULL);
- verifier = empathy_tls_verifier_new (certificate, hostname);
+ verifier = empathy_tls_verifier_new (certificate, hostname,
+ (const gchar**)reference_identities);
empathy_tls_verifier_verify_async (verifier,
verifier_verify_cb, NULL);
g_object_unref (verifier);
g_object_unref (certificate);
g_free (hostname);
+ g_strfreev (reference_identities);
}
static void