[glib-networking/wip/tlssplit: 5/6] base: move accept_peer_certificate to the base connection



commit d7472d8a85fd960048629be879c76c8af5a6ad48
Author: Ignacio Casal Quinteiro <icq gnome org>
Date:   Thu Aug 20 17:28:04 2015 +0200

    base: move accept_peer_certificate to the base connection

 tls/base/gtlsconnection-base.c     |   26 ++++++++++++++++++++++++++
 tls/base/gtlsconnection-base.h     |    4 ++++
 tls/gnutls/gtlsconnection-gnutls.c |   30 ++----------------------------
 3 files changed, 32 insertions(+), 28 deletions(-)
---
diff --git a/tls/base/gtlsconnection-base.c b/tls/base/gtlsconnection-base.c
index 1a6ce19..4f39fbf 100644
--- a/tls/base/gtlsconnection-base.c
+++ b/tls/base/gtlsconnection-base.c
@@ -708,6 +708,32 @@ g_tls_connection_base_create_source (GTlsConnectionBase  *tls,
   return source;
 }
 
+gboolean
+g_tls_connection_base_accept_peer_certificate (GTlsConnectionBase   *tls,
+                                               GTlsCertificate      *peer_certificate,
+                                               GTlsCertificateFlags  peer_certificate_errors)
+{
+  gboolean accepted = FALSE;
+
+  if (G_IS_TLS_CLIENT_CONNECTION (tls))
+    {
+      GTlsCertificateFlags validation_flags =
+        g_tls_client_connection_get_validation_flags (G_TLS_CLIENT_CONNECTION (tls));
+
+      if ((peer_certificate_errors & validation_flags) == 0)
+        accepted = TRUE;
+    }
+
+  if (!accepted)
+    {
+      accepted = g_tls_connection_emit_accept_certificate (G_TLS_CONNECTION (tls),
+                                                           peer_certificate,
+                                                           peer_certificate_errors);
+    }
+
+  return accepted;
+}
+
 void
 g_tls_connection_base_set_peer_certificate (GTlsConnectionBase   *tls,
                                            GTlsCertificate      *peer_certificate,
diff --git a/tls/base/gtlsconnection-base.h b/tls/base/gtlsconnection-base.h
index 7f676bf..0809644 100644
--- a/tls/base/gtlsconnection-base.h
+++ b/tls/base/gtlsconnection-base.h
@@ -160,6 +160,10 @@ struct _GTlsConnectionBase
 
 GType g_tls_connection_base_get_type (void) G_GNUC_CONST;
 
+gboolean g_tls_connection_base_accept_peer_certificate (GTlsConnectionBase   *tls,
+                                                        GTlsCertificate      *peer_certificate,
+                                                        GTlsCertificateFlags  peer_certificate_errors);
+
 void g_tls_connection_base_set_peer_certificate (GTlsConnectionBase   *tls,
                                                 GTlsCertificate      *peer_certificate,
                                                 GTlsCertificateFlags  peer_certificate_errors);
diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 15c4d7d..a7a6b18 100644
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -612,32 +612,6 @@ g_tls_connection_gnutls_handshake (GTlsConnectionBase  *tls,
   return status;
 }
 
-static gboolean
-accept_peer_certificate (GTlsConnectionGnutls *gnutls,
-                        GTlsCertificate      *peer_certificate,
-                        GTlsCertificateFlags  peer_certificate_errors)
-{
-  gboolean accepted = FALSE;
-
-  if (G_IS_TLS_CLIENT_CONNECTION (gnutls))
-    {
-      GTlsCertificateFlags validation_flags =
-       g_tls_client_connection_get_validation_flags (G_TLS_CLIENT_CONNECTION (gnutls));
-
-      if ((peer_certificate_errors & validation_flags) == 0)
-       accepted = TRUE;
-    }
-
-  if (!accepted)
-    {
-      accepted = g_tls_connection_emit_accept_certificate (G_TLS_CONNECTION (gnutls),
-                                                          peer_certificate,
-                                                          peer_certificate_errors);
-    }
-
-  return accepted;
-}
-
 static GTlsConnectionBaseStatus
 g_tls_connection_gnutls_complete_handshake (GTlsConnectionBase  *tls,
                                            GError             **error)
@@ -653,8 +627,8 @@ g_tls_connection_gnutls_complete_handshake (GTlsConnectionBase  *tls,
 
   if (peer_certificate)
     {
-      if (!accept_peer_certificate (gnutls, peer_certificate,
-                                   peer_certificate_errors))
+      if (!g_tls_connection_base_accept_peer_certificate (tls, peer_certificate,
+                                                          peer_certificate_errors))
        {
          g_set_error_literal (error, G_TLS_ERROR, G_TLS_ERROR_BAD_CERTIFICATE,
                               _("Unacceptable TLS certificate"));


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]