author | Marco Barisione <marco@barisione.org> | 2011-06-28 15:36:53 +0100 |
---|---|---|
committer | Marco Barisione <marco@barisione.org> | 2011-07-07 14:22:08 +0100 |
commit | a6c42b97d4e1984451c919048cc04df72b4c454d (patch) | |
tree | bf5138c72c1ef5bc7c561f08d43e67b58dc5ad3d /src/server-tls-manager.c | |
parent | 38a6178a7529e3b1bf1ab8439185541e01c18dd5 (diff) | |
download | telepathy-gabble-a6c42b97d4e1984451c919048cc04df72b4c454d.tar.gz |
Add an extra_identify argument to the TLS verification functions
Update the Wocky snapshot and adapt the TLS manager to the changes.
Now the TLS verification functions have an extra argument for the
additional hostnames that we have to consider valid.
This is useful, for instance, when using Google apps. Rather than
providing a certificate for the JID’s domain part, the server provides a
certificate for talk.google.com; if the user has explicitly configured a
‘Google Talk’ account, it's reasonable to accept certificates for this
domain.
Diffstat (limited to 'src/server-tls-manager.c')
-rw-r--r-- | src/server-tls-manager.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/server-tls-manager.c b/src/server-tls-manager.c
index 1ad48921f..e41ed38a6 100644
--- a/src/server-tls-manager.c
+++ b/src/server-tls-manager.c
@@ -52,6 +52,7 @@ struct _GabbleServerTLSManagerPrivate {
 GabbleServerTLSChannel *channel;
 gchar *peername;
+ GStrv reference_identities;
 WockyTLSSession *tls_session;
 GSimpleAsyncResult *async_result;
@@ -144,8 +145,8 @@ server_tls_channel_closed_cb (GabbleServerTLSChannel *channel,
 WOCKY_TLS_HANDLER_CLASS (gabble_server_tls_manager_parent_class)->verify_async_func (
 WOCKY_TLS_HANDLER (self), self->priv->tls_session,
- self->priv->peername, self->priv->async_callback,
- self->priv->async_data);
+ self->priv->peername, self->priv->reference_identities,
+ self->priv->async_callback, self->priv->async_data);
 }
 tp_clear_object (&self->priv->async_result);
@@ -206,6 +207,7 @@ static void
 gabble_server_tls_manager_verify_async (WockyTLSHandler *handler,
 WockyTLSSession *tls_session,
 const gchar *peername,
+ GStrv extra_identities,
 GAsyncReadyCallback callback,
 gpointer user_data)
 {
@@ -228,7 +230,7 @@ gabble_server_tls_manager_verify_async (WockyTLSHandler *handler,
 WOCKY_TLS_HANDLER_CLASS (gabble_server_tls_manager_parent_class)->verify_async_func (
 WOCKY_TLS_HANDLER (self), tls_session, peername,
- callback, user_data);
+ extra_identities, callback, user_data);
 return;
 }
@@ -249,6 +251,7 @@ gabble_server_tls_manager_verify_async (WockyTLSHandler *handler,
 self->priv->async_result = result;
 self->priv->tls_session = g_object_ref (tls_session);
 self->priv->peername = g_strdup (peername);
+ self->priv->reference_identities = g_strdupv (extra_identities);
 self->priv->async_callback = callback;
 self->priv->async_data = user_data;
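Review bot: The field added to `struct _GabbleServerTLSManagerPrivate` in the `-52` hunk is named `reference_identities`, while the value it stores is called `extra_identities` everywhere else in this patch, so the struct alone does not tell a reader that the list holds only the additional names and not `peername` itself. Either rename the field to `extra_identities`, or document it in place, for example `/* owned copy of the hostnames accepted in addition to peername; may be NULL */`. The struct's remaining members lie outside the hunk.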
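Review bot: The new `extra_identities` parameter of `gabble_server_tls_manager_verify_async` (the `-206` hunk) widens the set of hostnames a server certificate may match, and nothing at the signature says where that list is allowed to come from. The commit message limits it to names the user explicitly configured, but no visible line enforces or records that. A comment above the function should state the contract, e.g. `/* extra_identities: hostnames accepted in addition to peername; must come from local account settings, never from data received from the server */`. The function's body continues outside this hunk.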
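Review bot: In the `-249` hunk, `self->priv->reference_identities = g_strdupv (extra_identities);` overwrites the field without releasing what it held, and the only release visible in this patch is the `g_strfreev` added to `gabble_server_tls_manager_finalize`. If one manager instance can go through verification more than once (not visible from these lines), each further call leaks the previous vector. Freeing first, `g_strfreev (self->priv->reference_identities);` just before the assignment, closes that; `peername` on the line above follows the same pattern and would need the matching `g_free`. The enclosing function starts and ends outside the hunk.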
@@ -330,6 +333,7 @@ gabble_server_tls_manager_finalize (GObject *object)
 tp_base_channel_close (TP_BASE_CHANNEL (self->priv->channel));
 g_free (self->priv->peername);
+ g_strfreev (self->priv->reference_identities);
 G_OBJECT_CLASS (gabble_server_tls_manager_parent_class)->finalize (object);
 }
|