Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use TpTpTLSCertificate | Guillaume Desmottes | 2012-05-10 | 1 | -32/+29 |
| | | | | https://bugzilla.gnome.org/show_bug.cgi?id=674318 | ||||
* | tls-test: Use a proper PKCS#11 mock module for testing | Stef Walter | 2012-04-19 | 1 | -2/+2 |
| | | | | | | | | | | | * In empathy-tls-test.c use a proper PKCS#11 mock module, which we can place certificate anchors and pinned certificates in. * Fix EmpathyTlsVerifier to check for server trust assertions not client ones, this was a bug highlighted by fixing tests. https://bugzilla.gnome.org/show_bug.cgi?id=668186 https://bugzilla.gnome.org/show_bug.cgi?id=668261 | ||||
* | coding style fixes | Guillaume Desmottes | 2011-11-14 | 1 | -1/+1 |
| | |||||
* | tls: Cast argument to gcr_simple_certificate_new to avoid compiler warning | Colin Walters | 2011-11-04 | 1 | -1/+1 |
| | | | | Gcr correctly treats these as unsigned. | ||||
* | Initialize matched to FALSE to stop -Wall breaking the build (and ↵ | Danilo Segan | 2011-04-04 | 1 | -1/+1 |
| | | | | | | potentially avoid a hard-to-track bug) Fixes bug #646691 | ||||
* | Style changes from review for ReferenceIdentities code | Stef Walter | 2011-03-18 | 1 | -6/+9 |
| | |||||
* | Use ServerTLSConnection.ReferenceIdentities to check cert identity. | Stef Walter | 2011-03-18 | 1 | -4/+34 |
| | | | | | | | | The certificate identity can be checked against more than just one piece of information. Load and use all the reference identities to check the identity of the certificate. https://bugzilla.gnome.org/show_bug.cgi?id=645119 | ||||
* | libempathy: Fix free of uninitialized variables. | Stef Walter | 2010-12-24 | 1 | -0/+3 |
| | | | | When a pinned certificate is present, these don't get initialized. | ||||
* | libempathy: Store pinned certificate for end entity cert in the chain. | Stef Walter | 2010-12-24 | 1 | -6/+21 |
| | | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258 | ||||
* | libempathy: Fix memory leaks and use consistent naming for various arrays. | Stef Walter | 2010-12-24 | 1 | -15/+16 |
| | | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3 | ||||
* | libempathy: Fix leak of certificate data. | Stef Walter | 2010-12-24 | 1 | -0/+1 |
| | | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3 | ||||
* | libempathy, tests: Wrap new function arguments properly. | Stef Walter | 2010-12-24 | 1 | -5/+11 |
| | | | | https://bugzilla.gnome.org/show_bug.cgi?id=636258#c3 | ||||
* | libempathy: Match changes in libgcr terminology and debug output. | Stef Walter | 2010-12-24 | 1 | -2/+29 |
| | | | | | Add debug output for certificate chain, and fix up for some changes in libgcr terminology. | ||||
* | libempathy: Use new certificate chain facilities in libgcr | Stef Walter | 2010-12-24 | 1 | -188/+103 |
| | | | | | Build the chain with new GcrCertificateChain and then use gnutls to verify it. | ||||
* | libempathy: Complete successful verification properly. | Stef Walter | 2010-12-24 | 1 | -0/+1 |
| | | | | Complete TLS verification properly in TLS verifier. | ||||
* | libempathy: Fix reference counting of certs in verifier. | Stef Walter | 2010-12-24 | 1 | -2/+4 |
| | |||||
* | libempathy: Use new gcr functions properly and fix build. | Stef Walter | 2010-12-24 | 1 | -4/+12 |
| | | | | libgcr now uses single header include model. | ||||
* | libempathy: Load complete certificate chain even when not sent. | Stef Walter | 2010-12-24 | 1 | -53/+133 |
| | | | | | | Even when a complete certificate chain is not sent by the remote host, we can load a complete certificate chain based on the local certificates. | ||||
* | libempathy: Store certificate exceptions in gnome-keyring. | Stef Walter | 2010-12-24 | 1 | -0/+21 |
| | | | | Use libgcr to store certificate trust exceptions properly. | ||||
* | libempathy: Use trust assertions instead of certificate directories. | Stef Walter | 2010-12-24 | 1 | -338/+122 |
| | | | | Initial implementation. | ||||
* | Compile with --without-ca-file | Will Thompson | 2010-12-13 | 1 | -0/+2 |
| | |||||
* | Make ca-certs location configurable (#634197) | Brian Pepple | 2010-11-15 | 1 | -1/+1 |
| | |||||
* | Don't ignore the CA certificate if it's the only one in the chain | Cosimo Cecchi | 2010-10-04 | 1 | -1/+4 |
| | | | | | This avoids auth-client crashes for servers which provide only a self-signed CA as TLS certificate on connect (#631095). | ||||
* | Move _get_certificate_hostname() out of the verifier | Cosimo Cecchi | 2010-09-08 | 1 | -36/+1 |
| | |||||
* | Remove whitespace | Cosimo Cecchi | 2010-08-19 | 1 | -2/+2 |
| | |||||
* | Don't allow calling verify_async() twice | Cosimo Cecchi | 2010-08-19 | 1 | -0/+2 |
| | |||||
* | Use tp_clear_pointer() where possible | Cosimo Cecchi | 2010-08-19 | 1 | -7/+3 |
| | |||||
* | Add a details hash table as an out param of the verification | Cosimo Cecchi | 2010-08-19 | 1 | -6/+29 |
| | |||||
* | Make it more clear which snippets are taken from GnuTLS | Cosimo Cecchi | 2010-08-19 | 1 | -1/+7 |
| | |||||
* | Assert when we have an invalid pointer | Cosimo Cecchi | 2010-08-19 | 1 | -0/+2 |
| | |||||
* | Build the right path when looking at user certs | Cosimo Cecchi | 2010-08-13 | 1 | -3/+7 |
| | |||||
* | Add also certificates from our storage | Cosimo Cecchi | 2010-08-13 | 1 | -6/+77 |
| | | | | | I.e. ~/.config/telepathy/certs. Also, make sure we release memory when finalizing the object. | ||||
* | Cosmetic changes | Cosimo Cecchi | 2010-08-13 | 1 | -4/+7 |
| | |||||
* | Implement hostname checking | Cosimo Cecchi | 2010-08-13 | 1 | -5/+54 |
| | |||||
* | Correctly treat the last certificate in the chain | Cosimo Cecchi | 2010-08-13 | 1 | -10/+33 |
| | | | | I.e. emit SelfSigned if we don't have any trusted CAs in our cache. | ||||
* | Use the right GnuTLS->Tp mapping for reasons. | Cosimo Cecchi | 2010-08-13 | 1 | -2/+2 |
| | |||||
* | Use the right index to access the cert array. | Cosimo Cecchi | 2010-08-13 | 1 | -1/+1 |
| | |||||
* | Add EmpathyTLSVerifier | Cosimo Cecchi | 2010-08-13 | 1 | -0/+558 |
This also introduces a dependency on GnuTLS |