Hi there, I've recently started hacking on a project which uses libsoup. I want to do more than the ssl-ca-file & ssl-strict do regarding accepting secure connections. To be more specific, I want to allow an SSL whitelist, based on hostname and fingerprint. To do this I need to find the certificate's fingerprint. This is reasonably simple from GNUTLS, using gnutls_certificate_get_peers, gnutls_x509_crt_init and gnutls_x509_crt_get_fingerprint. However, this requires that I have access to the gnutls_session pointer, which libsoup currently keeps as a private part of SoupSession. I started trying to hack around the issue, but things started to get black magic-y, so I thought I should ask here. Am I going about this the right way? Is there a simple way of getting the gnutls session pointer? Is there another way to get at the certificate information from libsoup? Many thanks in advance for any tips / pointers. Nick
Attachment:
pgpOSOrLNjBFn.pgp
Description: PGP signature