[empathy: 5/65] Add tp-spec extensions for TLS auth.



commit 487385179b4d3156348c82637109bdc3f6f319f1
Author: Cosimo Cecchi <cosimoc gnome org>
Date:   Fri Jul 9 16:44:11 2010 +0200

    Add tp-spec extensions for TLS auth.

 extensions/Authentication_TLS_Certificate.xml     |  191 +++++++++++++++++++++
 extensions/Channel_Type_Server_TLS_Connection.xml |   54 ++++++
 extensions/misc.xml                               |    2 +
 3 files changed, 247 insertions(+), 0 deletions(-)
---
diff --git a/extensions/Authentication_TLS_Certificate.xml b/extensions/Authentication_TLS_Certificate.xml
new file mode 100644
index 0000000..1063d08
--- /dev/null
+++ b/extensions/Authentication_TLS_Certificate.xml
@@ -0,0 +1,191 @@
+<?xml version="1.0" ?>
+<node name="/Authentication_TLS_Certificate" xmlns:tp="http://telepathy.freedesktop.org/wiki/DbusSpec#extensions-v0";>
+  <tp:copyright>Copyright © 2010 Collabora Limited</tp:copyright>
+  <tp:license>
+    This library is free software; you can redistribute it and/or
+modify it under the terms of the GNU Lesser General Public
+License as published by the Free Software Foundation; either
+version 2.1 of the License, or (at your option) any later version.
+
+This library is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public
+License along with this library; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+  </tp:license>
+
+  <interface name="org.freedesktop.Telepathy.Authentication.TLSCertificate.DRAFT"
+	     tp:causes-havoc="experimental">
+
+    <tp:docstring>
+      This object represents a TLS certificate.
+    </tp:docstring>
+
+    <tp:simple-type name="Certificate_Data" array-name="Certificate_Data_List"
+		    type="ay">
+      <tp:docstring>
+	The raw data contained in a TLS certificate.
+      </tp:docstring>
+    </tp:simple-type>
+
+    <tp:enum type="u" name="TLS_Certificate_State">
+      <tp:docstring>
+	The possible states for a <tp:dbus-ref
+	namespace="org.freedesktop.Telepathy.Authentication">TLSCertificate.DRAFT</tp:dbus-ref>
+	object.
+      </tp:docstring>
+
+      <tp:enumvalue suffix="None" value="0">
+	<tp:docstring>
+	  The certificate has no state associated with it.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Verified" value="1">
+	<tp:docstring>
+	  The certificate has been verified.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Rejected" value="2">
+	<tp:docstring>
+	  The certificate has been rejected.
+	</tp:docstring>
+      </tp:enumvalue>
+    </tp:enum>
+
+    <tp:enum type="u" name="TLS_Certificate_Reject_Reason">
+      <tp:docstring>
+	Possible reasons to reject a TLS certificate.
+      </tp:docstring>
+
+      <tp:enumvalue suffix="None" value="0">
+	<tp:docstring>
+	  No reason specified.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Other" value="1">
+	<tp:docstring>
+	  The certificate has been rejected for another reason
+	  not listed in this enumeration.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Untrusted" value="2">
+	<tp:docstring>
+	  The certificate is not trusted.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Expired" value="3">
+	<tp:docstring>
+	  The certificate is expired.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Not_Activated" value="4">
+	<tp:docstring>
+	  The certificate is not active yet.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Hostname_Mismatch" value="5">
+	<tp:docstring>
+	  The hostname certified does not match the provided one.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Self_Signed" value="6">
+	<tp:docstring>
+	  The certificate is self-signed.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Revoked" value="7">
+	<tp:docstring>
+	  The certificate has been revoked.
+	</tp:docstring>
+      </tp:enumvalue>
+
+      <tp:enumvalue suffix="Insecure_Algorithm" value="8">
+	<tp:docstring>
+	  The certificate uses an insecure cipher algorithm.
+	</tp:docstring>
+      </tp:enumvalue>
+    </tp:enum>
+
+    <property name="State" type="u" access="read"
+	      tp:type="TLS_Certificate_State"
+	      tp:name-for-bindings="State">
+      <tp:docstring>
+	The current state of this certificate.
+	State change notifications happen by means of the
+	<tp:member-ref>StateChanged</tp:member-ref> signal.
+      </tp:docstring>
+    </property>
+
+    <property name="RejectReason" type="u" access="read"
+	      tp:type="TLS_Certificate_Reject_Reason"
+	      tp:name-for-bindings="Reject_Reason">
+      <tp:docstring>
+	The reason why this certificate has been rejected.
+      </tp:docstring>
+    </property>
+
+    <property name="CertificateType" type="s" access="read"
+	      tp:name-for-bindings="Certificate_Type">
+      <tp:docstring>
+	The type of this TLS certificate (e.g. 'x509' or 'pgp').
+      </tp:docstring>
+    </property>
+
+    <property name="CertificateChainData" type="aay" access="read"
+	      tp:type="Certificate_Data[]" tp:name-for-bindings="Certificate_Chain_Data">
+      <tp:docstring>
+	The RAW PEM-encoded trust chain of this TLS certificate.
+      </tp:docstring>
+    </property>
+
+    <signal name="StateChanged"
+	    tp:name-for-bindings="State_Changed">
+      <tp:docstring>
+	The state of this TLS certificate has changed.
+      </tp:docstring>
+      <arg name="State" type="u" tp:type="TLS_Certificate_State">
+	<tp:docstring>
+	  The new state of the TLS certificate.
+	</tp:docstring>
+      </arg>
+      <arg name="Reason" type="u" tp:type="TLS_Certificate_Reject_Reason">
+	<tp:docstring>
+	  The reason why the state of the TLS certificate changed.
+	</tp:docstring>
+      </arg>
+    </signal>
+
+    <method name="Accept" tp:name-for-bindings="Accept">
+      <tp:docstring>
+	Accepts this certificate, i.e. marks it as verified.
+	This method doesn't do anything on local certificates.
+      </tp:docstring>
+    </method>
+
+    <method name="Reject" tp:name-for-bindings="Reject">
+      <tp:docstring>
+	Rejects this certificate. This method doesn't do anything
+	on local certificates.
+      </tp:docstring>
+      <arg direction="in" type="u" name="Reason"
+	   tp:type="TLS_Certificate_Reject_Reason">
+	<tp:docstring>
+	  The reason why this certificate is being rejected.
+	</tp:docstring>
+      </arg>
+    </method>
+
+  </interface>
+</node>
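Review bot: The `Accept` and `Reject` docstrings do not say from which `State` the methods may be called or which errors they return, so nothing in the interface stops a certificate that is already Rejected from later being marked Verified, or two handlers from racing with opposite decisions. I would add to both docstrings a sentence such as `This method may only be called while State is None; otherwise it fails with an error and State is unchanged.` and list that error under `tp:possible-errors`. Separately, `CertificateChainData` is documented as "RAW PEM-encoded", which is ambiguous for a property of type `aay`. The docstring should name one encoding and state the chain order (for example, end-entity certificate first) so that every handler parses and validates the same bytes. The `Insecure_Algorithm` text says "cipher algorithm", whereas a certificate carries signature and key algorithms, so the wording should name those.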
diff --git a/extensions/Channel_Type_Server_TLS_Connection.xml b/extensions/Channel_Type_Server_TLS_Connection.xml
new file mode 100644
index 0000000..4704273
--- /dev/null
+++ b/extensions/Channel_Type_Server_TLS_Connection.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" ?>
+<node name="/Channel_Type_Server_TLS_Connection"
+    xmlns:tp="http://telepathy.freedesktop.org/wiki/DbusSpec#extensions-v0";>
+  <tp:copyright> Copyright © 2010 Collabora Limited </tp:copyright>
+  <tp:license>
+    This library is free software; you can redistribute it and/or
+    modify it under the terms of the GNU Lesser General Public
+    License as published by the Free Software Foundation; either
+    version 2.1 of the License, or (at your option) any later version.
+
+    This library is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+    Lesser General Public License for more details.
+
+    You should have received a copy of the GNU Lesser General Public
+    License along with this library; if not, write to the Free Software
+    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+  </tp:license>
+
+  <interface name="org.freedesktop.Telepathy.Channel.Type.ServerTLSConnection.DRAFT"
+	     tp:causes-havoc="experimental">
+
+    <tp:requires interface="org.freedesktop.Telepathy.Channel"/>
+
+    <tp:docstring xmlns="http://www.w3.org/1999/xhtml";>
+      <p>
+      A channel type that carries a TLS certificate between a server
+      and a client connecting to it.<br/>
+      Channels of this kind are never requested, are anonymous, and SHOULD be
+      dispatched while the
+      <tp:dbus-ref
+      namespace="org.freedesktop.Telepathy">Connection</tp:dbus-ref>
+      owning it is in the CONNECTING state.</p>
+      <p>In this case, handlers SHOULD accept or reject the certificate, using
+      the relevant methods on the provided object, or MAY just close the channel before doing so, to fall
+      back to a non-interactive verification process done inside the CM.</p>
+      <p>For example, channels of this kind can pop up while a client is
+      connecting to an XMPP server.</p>
+    </tp:docstring>
+
+    <property name="ServerCertificate" type="o" access="read"
+	      tp:name-for-bindings="ServerCertificate">
+      <tp:docstring>
+	A <tp:dbus-ref
+	namespace="org.freedesktop.Telepathy.Authentication">TLSCertificate.DRAFT</tp:dbus-ref>
+	containing the certificate chain as sent by the server,
+	and other relevant information.
+      </tp:docstring>
+    </property>
+
+  </interface>
+</node>
+
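Review bot: The interface docstring lets a handler close the channel without calling Accept or Reject and says the CM then falls back to its own verification, but it does not say what the CM must do if that verification fails, nor that a closed channel must never count as acceptance. I would add a sentence such as `If the channel is closed while the certificate's State is None, the CM MUST NOT treat the certificate as verified unless its own verification succeeds; otherwise the connection attempt fails.` The interface also exposes only `ServerCertificate`, so a handler appears to have no property giving the hostname the connection was made to, which it would need to detect the `Hostname_Mismatch` case itself. Consider a read-only property carrying that hostname, unless it is already available elsewhere on the channel.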
diff --git a/extensions/misc.xml b/extensions/misc.xml
index 6fe06d8..320d488 100644
--- a/extensions/misc.xml
+++ b/extensions/misc.xml
@@ -7,5 +7,7 @@
 <xi:include href="Debug.xml" />
 <xi:include href="Channel_Interface_Conference.xml" />
 <xi:include href="Logger.xml" />
+<xi:include href="Authentication_TLS_Certificate.xml" />
+<xi:include href="Channel_Type_Server_TLS_Connection.xml" />
 
 </tp:spec>


