[empathy] Move _get_certificate_hostname() out of the verifier

From: Cosimo Cecchi <cosimoc src gnome org>
To: commits-list gnome org
Cc:
Subject: [empathy] Move _get_certificate_hostname() out of the verifier
Date: Wed, 8 Sep 2010 15:08:53 +0000 (UTC)
commit 82fa83288652fb6b856b442145b10791941f3113
Author: Cosimo Cecchi <cosimoc gnome org>
Date:   Wed Sep 8 16:56:54 2010 +0200

    Move _get_certificate_hostname() out of the verifier

 libempathy/empathy-tls-verifier.c |   37 +------------------------------------
 libempathy/empathy-utils.c        |   35 +++++++++++++++++++++++++++++++++++
 libempathy/empathy-utils.h        |    4 ++++
 3 files changed, 40 insertions(+), 36 deletions(-)
---
diff --git a/libempathy/empathy-tls-verifier.c b/libempathy/empathy-tls-verifier.c
index 000c9a3..517ae9e 100644
--- a/libempathy/empathy-tls-verifier.c
+++ b/libempathy/empathy-tls-verifier.c
@@ -16,10 +16,6 @@
  * You should have received a copy of the GNU Lesser General Public
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
- *
- * Some snippets are taken from GnuTLS 2.8.6, which is distributed under the
- * same GNU Lesser General Public License 2.1 (or later) version. See
- * get_certified_hostname ().
  */
 
 #include <config.h>
@@ -222,37 +218,6 @@ abort_verification (EmpathyTLSVerifier *self,
   tp_clear_object (&priv->verify_result);
 }
 
-static gchar *
-get_certified_hostname (gnutls_x509_crt_t cert)
-{
-  gchar dns_name[256];
-  gsize dns_name_size;
-  gint idx;
-  gint res = 0;
-
-  /* this snippet is taken from GnuTLS.
-   * see gnutls/lib/x509/rfc2818_hostname.c
-   */
-  for (idx = 0; res >= 0; idx++)
-    {
-      dns_name_size = sizeof (dns_name);
-      res = gnutls_x509_crt_get_subject_alt_name (cert, idx,
-          dns_name, &dns_name_size, NULL);
-
-      if (res == GNUTLS_SAN_DNSNAME || res == GNUTLS_SAN_IPADDRESS)
-        return g_strndup (dns_name, dns_name_size);
-    }
-
-  dns_name_size = sizeof (dns_name);
-  res = gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COMMON_NAME,
-      0, 0, dns_name, &dns_name_size);
-
-  if (res >= 0)
-    return g_strndup (dns_name, dns_name_size);
-
-  return NULL;
-}
-
 static void
 real_start_verification (EmpathyTLSVerifier *self)
 {
@@ -273,7 +238,7 @@ real_start_verification (EmpathyTLSVerifier *self)
       gchar *certified_hostname;
 
       reason = EMP_TLS_CERTIFICATE_REJECT_REASON_HOSTNAME_MISMATCH;
-      certified_hostname = get_certified_hostname (first_cert);
+      certified_hostname = empathy_get_x509_certificate_hostname (first_cert);
       tp_asv_set_string (priv->details,
           "expected-hostname", priv->hostname);
       tp_asv_set_string (priv->details,
diff --git a/libempathy/empathy-utils.c b/libempathy/empathy-utils.c
index 0ee1bbc..89dd800 100644
--- a/libempathy/empathy-utils.c
+++ b/libempathy/empathy-utils.c
@@ -20,6 +20,10 @@
  * Authors: Richard Hult <richard imendio com>
  *          Martyn Russell <martyn imendio com>
  *          Xavier Claessens <xclaesse gmail com>
+ *
+ * Some snippets are taken from GnuTLS 2.8.6, which is distributed under the
+ * same GNU Lesser General Public License 2.1 (or later) version. See
+ * empathy_get_x509_certified_hostname ().
  */
 
 #include "config.h"
@@ -739,3 +743,34 @@ tp_chanel_group_change_reason_from_folks_groups_change_reason (
 {
   return (TpChannelGroupChangeReason) reason;
 }
+
+gchar *
+empathy_get_x509_certificate_hostname (gnutls_x509_crt_t cert)
+{
+  gchar dns_name[256];
+  gsize dns_name_size;
+  gint idx;
+  gint res = 0;
+
+  /* this snippet is taken from GnuTLS.
+   * see gnutls/lib/x509/rfc2818_hostname.c
+   */
+  for (idx = 0; res >= 0; idx++)
+    {
+      dns_name_size = sizeof (dns_name);
+      res = gnutls_x509_crt_get_subject_alt_name (cert, idx,
+          dns_name, &dns_name_size, NULL);
+
+      if (res == GNUTLS_SAN_DNSNAME || res == GNUTLS_SAN_IPADDRESS)
+        return g_strndup (dns_name, dns_name_size);
+    }
+
+  dns_name_size = sizeof (dns_name);
+  res = gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COMMON_NAME,
+      0, 0, dns_name, &dns_name_size);
+
+  if (res >= 0)
+    return g_strndup (dns_name, dns_name_size);
+
+  return NULL;
+}
diff --git a/libempathy/empathy-utils.h b/libempathy/empathy-utils.h
index f588479..7e856d3 100644
--- a/libempathy/empathy-utils.h
+++ b/libempathy/empathy-utils.h
@@ -29,6 +29,8 @@
 #include <glib.h>
 #include <glib-object.h>
 
+#include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
 #include <libxml/parser.h>
 #include <libxml/tree.h>
 #include <folks/folks.h>
@@ -97,6 +99,8 @@ gboolean empathy_folks_individual_contains_contact (FolksIndividual *individual)
 EmpathyContact * empathy_contact_dup_from_folks_individual (FolksIndividual *individual);
 TpChannelGroupChangeReason tp_chanel_group_change_reason_from_folks_groups_change_reason (FolksGroupsChangeReason reason);
 
+gchar * empathy_get_x509_certificate_hostname (gnutls_x509_crt_t cert);
+
 G_END_DECLS
 
 #endif /*  __EMPATHY_UTILS_H__ */
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]