[glib-networking/wip/tlssplit: 5/6] base: move accept_peer_certificate to the base connection
- From: Ignacio Casal Quinteiro <icq src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/wip/tlssplit: 5/6] base: move accept_peer_certificate to the base connection
- Date: Mon, 18 Jan 2016 13:47:55 +0000 (UTC)
commit d7472d8a85fd960048629be879c76c8af5a6ad48
Author: Ignacio Casal Quinteiro <icq gnome org>
Date: Thu Aug 20 17:28:04 2015 +0200
base: move accept_peer_certificate to the base connection
tls/base/gtlsconnection-base.c | 26 ++++++++++++++++++++++++++
tls/base/gtlsconnection-base.h | 4 ++++
tls/gnutls/gtlsconnection-gnutls.c | 30 ++----------------------------
3 files changed, 32 insertions(+), 28 deletions(-)
---
diff --git a/tls/base/gtlsconnection-base.c b/tls/base/gtlsconnection-base.c
index 1a6ce19..4f39fbf 100644
--- a/tls/base/gtlsconnection-base.c
+++ b/tls/base/gtlsconnection-base.c
@@ -708,6 +708,32 @@ g_tls_connection_base_create_source (GTlsConnectionBase *tls,
return source;
}
+gboolean
+g_tls_connection_base_accept_peer_certificate (GTlsConnectionBase *tls,
+ GTlsCertificate *peer_certificate,
+ GTlsCertificateFlags peer_certificate_errors)
+{
+ gboolean accepted = FALSE;
+
+ if (G_IS_TLS_CLIENT_CONNECTION (tls))
+ {
+ GTlsCertificateFlags validation_flags =
+ g_tls_client_connection_get_validation_flags (G_TLS_CLIENT_CONNECTION (tls));
+
+ if ((peer_certificate_errors & validation_flags) == 0)
+ accepted = TRUE;
+ }
+
+ if (!accepted)
+ {
+ accepted = g_tls_connection_emit_accept_certificate (G_TLS_CONNECTION (tls),
+ peer_certificate,
+ peer_certificate_errors);
+ }
+
+ return accepted;
+}
+
void
g_tls_connection_base_set_peer_certificate (GTlsConnectionBase *tls,
GTlsCertificate *peer_certificate,
diff --git a/tls/base/gtlsconnection-base.h b/tls/base/gtlsconnection-base.h
index 7f676bf..0809644 100644
--- a/tls/base/gtlsconnection-base.h
+++ b/tls/base/gtlsconnection-base.h
@@ -160,6 +160,10 @@ struct _GTlsConnectionBase
GType g_tls_connection_base_get_type (void) G_GNUC_CONST;
+gboolean g_tls_connection_base_accept_peer_certificate (GTlsConnectionBase *tls,
+ GTlsCertificate *peer_certificate,
+ GTlsCertificateFlags peer_certificate_errors);
+
void g_tls_connection_base_set_peer_certificate (GTlsConnectionBase *tls,
GTlsCertificate *peer_certificate,
GTlsCertificateFlags peer_certificate_errors);
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 15c4d7d..a7a6b18 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -612,32 +612,6 @@ g_tls_connection_gnutls_handshake (GTlsConnectionBase *tls,
return status;
}
-static gboolean
-accept_peer_certificate (GTlsConnectionGnutls *gnutls,
- GTlsCertificate *peer_certificate,
- GTlsCertificateFlags peer_certificate_errors)
-{
- gboolean accepted = FALSE;
-
- if (G_IS_TLS_CLIENT_CONNECTION (gnutls))
- {
- GTlsCertificateFlags validation_flags =
- g_tls_client_connection_get_validation_flags (G_TLS_CLIENT_CONNECTION (gnutls));
-
- if ((peer_certificate_errors & validation_flags) == 0)
- accepted = TRUE;
- }
-
- if (!accepted)
- {
- accepted = g_tls_connection_emit_accept_certificate (G_TLS_CONNECTION (gnutls),
- peer_certificate,
- peer_certificate_errors);
- }
-
- return accepted;
-}
-
static GTlsConnectionBaseStatus
g_tls_connection_gnutls_complete_handshake (GTlsConnectionBase *tls,
GError **error)
@@ -653,8 +627,8 @@ g_tls_connection_gnutls_complete_handshake (GTlsConnectionBase *tls,
if (peer_certificate)
{
- if (!accept_peer_certificate (gnutls, peer_certificate,
- peer_certificate_errors))
+ if (!g_tls_connection_base_accept_peer_certificate (tls, peer_certificate,
+ peer_certificate_errors))
{
g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
_("Unacceptable TLS certificate"));
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]