[pan2] * redirect fatal cert verify parts to _fail (return GNUTLS_E_CERTIFICATE_ERROR)



commit 1e775fea518e382bce8a46552ca44097aa5583d0
Author: Heinrich MÃlller <henmull src gnome org>
Date:   Wed May 2 08:21:04 2012 +0200

    * redirect fatal cert verify parts to _fail (return GNUTLS_E_CERTIFICATE_ERROR)

 configure.in           |    6 +++---
 pan/data/cert-store.cc |   14 ++++----------
 pan/gui/body-pane.cc   |    2 ++
 3 files changed, 9 insertions(+), 13 deletions(-)
---
diff --git a/configure.in b/configure.in
index 24b718f..a9e5dc6 100644
--- a/configure.in
+++ b/configure.in
@@ -1,8 +1,8 @@
-AC_INIT([Pan],[0.137],[https://bugzilla.gnome.org/enter_bug.cgi?product=Pan],[pan],[http://pan.rebelbase.com/])
+AC_INIT([Pan],[0.138],[https://bugzilla.gnome.org/enter_bug.cgi?product=Pan],[pan],[http://pan.rebelbase.com/])
 AC_DEFINE(VERSION_MAJOR,0,[Major part of version number])
-AC_DEFINE(VERSION_MINOR,137,[Minor part of version number])
+AC_DEFINE(VERSION_MINOR,138,[Minor part of version number])
 AC_DEFINE(VERSION_REVISION,0,[Revision part of version number])
-AC_DEFINE(VERSION_TITLE,["The Mattel and Mars Bar Quick Energy Chocobot Hour"],[Release Name])
+AC_DEFINE(VERSION_TITLE,["Der GerÃt"],[Release Name])
 AC_PREREQ([2.64])
 
 dnl Expanded by export-archive
diff --git a/pan/data/cert-store.cc b/pan/data/cert-store.cc
index 10ec153..ca20763 100644
--- a/pan/data/cert-store.cc
+++ b/pan/data/cert-store.cc
@@ -137,23 +137,20 @@ namespace pan
     if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509)
     {
       g_warning ("The certificate is not a X509 certificate!\n");
-      fail = true;
-      fatal = true;
+      goto _fail;
     }
 
     if (gnutls_x509_crt_init (&cert) < 0)
     {
       g_warning ("Error in initialization\n");
-      fail = true;
-      fatal = true;
+      goto _fail;
     }
 
     cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
     if (cert_list == NULL)
     {
       g_warning ("No certificate found!\n");
-      fail = true;
-      fatal = true;
+      goto _fail;
     }
 
     /* TODO verify whole chain perhaps?
@@ -161,8 +158,7 @@ namespace pan
     if (gnutls_x509_crt_import (cert, &cert_list[0], GNUTLS_X509_FMT_DER) < 0)
     {
       g_warning ("Error parsing certificate!\n");
-      fail = true;
-      fatal = true;
+      goto _fail;
     }
 
     if (!gnutls_x509_crt_check_hostname (cert, mydata->hostname_full.c_str()))
@@ -172,8 +168,6 @@ namespace pan
       fail = true;
     }
 
-    if (fatal) goto _fail;
-
     /* auto-add new cert if we always trust this server , no matter what */
     if (mydata->always_trust)
       mydata->cs->add(cert, mydata->host);
diff --git a/pan/gui/body-pane.cc b/pan/gui/body-pane.cc
index 1ba6822..365d29c 100644
--- a/pan/gui/body-pane.cc
+++ b/pan/gui/body-pane.cc
@@ -53,6 +53,8 @@ using namespace pan;
 ****
 ***/
 
+/// TODO : replace g_atexit (deprecated)
+
 namespace
 {
 



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]