Re: Querying the GNUTLS session from libsoup

From: Łukasz Ślachciak <lukasz slachciak gmail com>
To: Nick <libsoup njw me uk>
Cc: libsoup-list gnome org
Subject: Re: Querying the GNUTLS session from libsoup
Date: Sun, 20 Feb 2011 14:44:35 +0100

Hello Nick.

I made patch for getting certificte list,
see:
https://bugzilla.gnome.org/show_bug.cgi?id=632220
but it was finally dropped due to the new TLS support for GSocket
https://bugzilla.gnome.org/show_bug.cgi?id=588189


Regards

Lukasz

2011/2/18 Nick <libsoup njw me uk>:
> Hi there,
>
> I've recently started hacking on a project which uses libsoup. I
> want to do more than the ssl-ca-file & ssl-strict do regarding
> accepting secure connections. To be more specific, I want to allow
> an SSL whitelist, based on hostname and fingerprint.
>
> To do this I need to find the certificate's fingerprint. This is
> reasonably simple from GNUTLS, using gnutls_certificate_get_peers,
> gnutls_x509_crt_init and gnutls_x509_crt_get_fingerprint. However,
> this requires that I have access to the gnutls_session pointer,
> which libsoup currently keeps as a private part of SoupSession.
>
> I started trying to hack around the issue, but things started to get
> black magic-y, so I thought I should ask here. Am I going about this
> the right way? Is there a simple way of getting the gnutls session
> pointer? Is there another way to get at the certificate information
> from libsoup?
>
> Many thanks in advance for any tips / pointers.
>
> Nick
>
>
> _______________________________________________
> libsoup-list mailing list
> libsoup-list gnome org
> http://mail.gnome.org/mailman/listinfo/libsoup-list
>
>



-- 

Pozdrawiam

--
Łukasz Ślachciak
e-mail: lukasz slachciak gmail com
tel.    : +48 693 413 969

References:
- Querying the GNUTLS session from libsoup
  - From: Nick

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]