[empathy: 18/65] Verify the certificate from the helper.

From: Cosimo Cecchi <cosimoc src gnome org>
To: commits-list gnome org
Cc:
Subject: [empathy: 18/65] Verify the certificate from the helper.
Date: Tue, 24 Aug 2010 13:27:58 +0000 (UTC)

commit e750de24904feef14c5e1e4bd68f935abd3cb6de
Author: Cosimo Cecchi <cosimoc gnome org>
Date:   Wed Aug 11 18:35:20 2010 +0200

    Verify the certificate from the helper.

 src/empathy-auth-helper.c |   56 +++++++++++++++++++++++++++++++++++++++++---
 1 files changed, 52 insertions(+), 4 deletions(-)
---
diff --git a/src/empathy-auth-helper.c b/src/empathy-auth-helper.c
index aaee48e..6cbffea 100644
--- a/src/empathy-auth-helper.c
+++ b/src/empathy-auth-helper.c
@@ -30,24 +30,69 @@
 #include <libempathy/empathy-debug.h>
 #include <libempathy/empathy-auth-factory.h>
 #include <libempathy/empathy-server-tls-handler.h>
+#include <libempathy/empathy-tls-verifier.h>
 
 #include <libempathy-gtk/empathy-ui-utils.h>
 
+#include <gnutls/gnutls.h>
+
+#include <extensions/extensions.h>
+
+static void
+verifier_verify_cb (GObject *source,
+    GAsyncResult *result,
+    gpointer user_data)
+{
+  gboolean res;
+  EmpTLSCertificateRejectReason reason;
+  GError *error = NULL;
+  EmpathyTLSCertificate *certificate = NULL;
+
+  g_object_get (source,
+      "certificate", &certificate,
+      NULL);
+
+  res = empathy_tls_verifier_verify_finish (EMPATHY_TLS_VERIFIER (source),
+      result, &reason, &error);
+
+  if (error != NULL)
+    {
+      DEBUG ("Error: %s", error->message);
+      empathy_tls_certificate_reject (certificate, reason, FALSE);
+
+      g_error_free (error);
+    }
+  else
+    {
+      empathy_tls_certificate_accept (certificate);
+    }
+
+  g_object_unref (certificate);
+}
+
 static void
 auth_factory_new_handler_cb (EmpathyAuthFactory *factory,
     EmpathyServerTLSHandler *handler,
     gpointer user_data)
 {
-  EmpathyTLSCertificate *certificate;
+  EmpathyTLSCertificate *certificate = NULL;
+  gchar *hostname = NULL;
+  EmpathyTLSVerifier *verifier;
 
   DEBUG ("New TLS server handler received from the factory");
 
-  certificate = g_object_ref (
-      empathy_server_tls_handler_get_certificate (handler));
+  g_object_get (handler,
+      "certificate", &certificate,
+      "hostname", &hostname,
+      NULL);
 
-  empathy_tls_certificate_accept (certificate);
+  verifier = empathy_tls_verifier_new (certificate, hostname);
+  empathy_tls_verifier_verify_async (verifier,
+      verifier_verify_cb, NULL);
 
+  g_object_unref (verifier);
   g_object_unref (certificate);
+  g_free (hostname);
 }
 
 int
@@ -75,6 +120,7 @@ main (int argc,
   g_option_context_free (context);
 
   empathy_gtk_init ();
+  gnutls_global_init ();
   g_set_application_name (_("Empathy authentication helper"));
 
   gtk_window_set_default_icon_name ("empathy");
@@ -98,5 +144,7 @@ main (int argc,
 
   gtk_main ();
 
+  g_object_unref (factory);
+
   return EXIT_SUCCESS;
 }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]