aboutsummaryrefslogtreecommitdiffstats
path: root/libempathy/empathy-tls-verifier.c
Commit message (Collapse)AuthorAgeFilesLines
* Use TpTpTLSCertificateGuillaume Desmottes2012-05-101-32/+29
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=674318
* tls-test: Use a proper PKCS#11 mock module for testingStef Walter2012-04-191-2/+2
| | | | | | | | | | | * In empathy-tls-test.c use a proper PKCS#11 mock module, which we can place certificate anchors and pinned certificates in. * Fix EmpathyTlsVerifier to check for server trust assertions not client ones, this was a bug highlighted by fixing tests. https://bugzilla.gnome.org/show_bug.cgi?id=668186 https://bugzilla.gnome.org/show_bug.cgi?id=668261
* coding style fixesGuillaume Desmottes2011-11-141-1/+1
|
* tls: Cast argument to gcr_simple_certificate_new to avoid compiler warningColin Walters2011-11-041-1/+1
| | | | Gcr correctly treats these as unsigned.
* Initialize matched to FALSE to stop -Wall breaking the build (and ↵Danilo Segan2011-04-041-1/+1
| | | | | | potentially avoid a hard-to-track bug) Fixes bug #646691
* Style changes from review for ReferenceIdentities codeStef Walter2011-03-181-6/+9
|
* Use ServerTLSConnection.ReferenceIdentities to check cert identity.Stef Walter2011-03-181-4/+34
| | | | | | | | The certificate identity can be checked against more than just one piece of information. Load and use all the reference identities to check the identity of the certificate. https://bugzilla.gnome.org/show_bug.cgi?id=645119
* libempathy: Fix free of uninitialized variables.Stef Walter2010-12-241-0/+3
| | | | When a pinned certificate is present, these don't get initialized.
* libempathy: Store pinned certificate for end entity cert in the chain.Stef Walter2010-12-241-6/+21
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258
* libempathy: Fix memory leaks and use consistent naming for various arrays.Stef Walter2010-12-241-15/+16
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3
* libempathy: Fix leak of certificate data.Stef Walter2010-12-241-0/+1
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3
* libempathy, tests: Wrap new function arguments properly.Stef Walter2010-12-241-5/+11
| | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3
* libempathy: Match changes in libgcr terminology and debug output.Stef Walter2010-12-241-2/+29
| | | | | Add debug output for certificate chain, and fix up for some changes in libgcr terminology.
* libempathy: Use new certificate chain facilities in libgcrStef Walter2010-12-241-188/+103
| | | | | Build the chain with new GcrCertificateChain and then use gnutls to verify it.
* libempathy: Complete successful verification properly.Stef Walter2010-12-241-0/+1
| | | | Complete TLS verification properly in TLS verifier.
* libempathy: Fix reference counting of certs in verifier.Stef Walter2010-12-241-2/+4
|
* libempathy: Use new gcr functions properly and fix build.Stef Walter2010-12-241-4/+12
| | | | libgcr now uses single header include model.
* libempathy: Load complete certificate chain even when not sent.Stef Walter2010-12-241-53/+133
| | | | | | Even when a complete certificate chain is not sent by the remote host, we can load a complete certificate chain based on the local certificates.
* libempathy: Store certificate exceptions in gnome-keyring.Stef Walter2010-12-241-0/+21
| | | | Use libgcr to store certificate trust exceptions properly.
* libempathy: Use trust assertions instead of certificate directories.Stef Walter2010-12-241-338/+122
| | | | Initial implementation.
* Compile with --without-ca-fileWill Thompson2010-12-131-0/+2
|
* Make ca-certs location configurable (#634197)Brian Pepple2010-11-151-1/+1
|
* Don't ignore the CA certificate if it's the only one in the chainCosimo Cecchi2010-10-041-1/+4
| | | | | This avoids auth-client crashes for servers which provide only a self-signed CA as TLS certificate on connect (#631095).
* Move _get_certificate_hostname() out of the verifierCosimo Cecchi2010-09-081-36/+1
|
* Remove whitespaceCosimo Cecchi2010-08-191-2/+2
|
* Don't allow calling verify_async() twiceCosimo Cecchi2010-08-191-0/+2
|
* Use tp_clear_pointer() where possibleCosimo Cecchi2010-08-191-7/+3
|
* Add a details hash table as an out param of the verificationCosimo Cecchi2010-08-191-6/+29
|
* Make it more clear which snippets are taken from GnuTLSCosimo Cecchi2010-08-191-1/+7
|
* Assert when we have an invalid pointerCosimo Cecchi2010-08-191-0/+2
|
* Build the right path when looking at user certsCosimo Cecchi2010-08-131-3/+7
|
* Add also certificates from our storageCosimo Cecchi2010-08-131-6/+77
| | | | | I.e. ~/.config/telepathy/certs. Also, make sure we release memory when finalizing the object.
* Cosmetic changesCosimo Cecchi2010-08-131-4/+7
|
* Implement hostname checkingCosimo Cecchi2010-08-131-5/+54
|
* Correctly treat the last certificate in the chainCosimo Cecchi2010-08-131-10/+33
| | | | I.e. emit SelfSigned if we don't have any trusted CAs in our cache.
* Use the right GnuTLS->Tp mapping for reasons.Cosimo Cecchi2010-08-131-2/+2
|
* Use the right index to access the cert array.Cosimo Cecchi2010-08-131-1/+1
|
* Add EmpathyTLSVerifierCosimo Cecchi2010-08-131-0/+558
This also introduces a dependency on GnuTLS