im.pidgin.pidgin.next.minor: beec87c1b2634db9d76a7dab8e3d89af473128ce
sadrul at pidgin.im
sadrul at pidgin.im
Mon Nov 26 04:30:34 EST 2007
-----------------------------------------------------------------
Revision: beec87c1b2634db9d76a7dab8e3d89af473128ce
Ancestor: bc5f3a2e4402a8d8964189815a0251ea4a4702de
Author: sadrul at pidgin.im
Date: 2007-11-26T09:28:15
Branch: im.pidgin.pidgin.next.minor
Modified files:
ChangeLog.API libpurple/certificate.c
libpurple/certificate.h
ChangeLog:
Patch from Florian Quèze (the InstantBird dude) to add a search path for
certificates. Closes #3634.
The original patch was to set the path purple searches for certificats. I
changed it to allow for multiple search paths. This is similar to how purple
searches for plugins in multiple paths.
-------------- next part --------------
============================================================
--- ChangeLog.API 458c9fc32b682d4f91604a849d1bd24709d2d558
+++ ChangeLog.API c00d6fc4765cbe6c93589d0c971fc925edcf07d6
@@ -1,6 +1,10 @@ version 2.4.0 (??/??/????):
Pidgin and Finch: The Pimpin' Penguin IM Clients That're Good for the Soul
version 2.4.0 (??/??/????):
+ libpurple:
+ Added:
+ * purple_certificate_add_ca_search_path. (Florian Quèze)
+
Pidgin:
Added:
* pidgin_create_dialog to create a window that closes on escape. Also
============================================================
--- libpurple/certificate.c 7a5f333abd5b8481d5aa1ec7589fd6a0e8e1b1ca
+++ libpurple/certificate.c 9c449ee7956ae8ddf8bc6b3145f7eeb3981301d1
@@ -627,7 +627,7 @@ x509_ca_element_free(x509_ca_element *el
/** System directory to probe for CA certificates */
/* This is set in the lazy_init function */
-static const gchar *x509_ca_syspath = NULL;
+static GList *x509_ca_paths = NULL;
/** A list of loaded CAs, populated from the above path whenever the lazy_init
happens. Contains pointers to x509_ca_elements */
@@ -674,6 +674,7 @@ x509_ca_lazy_init(void)
GDir *certdir;
const gchar *entry;
GPatternSpec *pempat;
+ GList *iter = NULL;
if (x509_ca_initialized) return TRUE;
@@ -687,54 +688,48 @@ x509_ca_lazy_init(void)
return FALSE;
}
- /* Attempt to point at the appropriate system path */
- if (NULL == x509_ca_syspath) {
-#ifdef _WIN32
- x509_ca_syspath = g_build_filename(DATADIR,
- "ca-certs", NULL);
-#else
- x509_ca_syspath = g_build_filename(DATADIR,
- "purple", "ca-certs", NULL);
-#endif
- }
-
- /* Populate the certificates pool from the system path */
- certdir = g_dir_open(x509_ca_syspath, 0, NULL);
- g_return_val_if_fail(certdir, FALSE);
-
/* Use a glob to only read .pem files */
pempat = g_pattern_spec_new("*.pem");
-
- while ( (entry = g_dir_read_name(certdir)) ) {
- gchar *fullpath;
- PurpleCertificate *crt;
- if ( !g_pattern_match_string(pempat, entry) ) {
+ /* Populate the certificates pool from the search path(s) */
+ for (iter = x509_ca_paths; iter; iter = iter->next) {
+ certdir = g_dir_open(iter->data, 0, NULL);
+ if (!certdir) {
+ purple_debug_error("certificate/x509/ca", "Couldn't open location '%s'\n", iter->data);
continue;
}
- fullpath = g_build_filename(x509_ca_syspath, entry, NULL);
-
- /* TODO: Respond to a failure in the following? */
- crt = purple_certificate_import(x509, fullpath);
+ while ( (entry = g_dir_read_name(certdir)) ) {
+ gchar *fullpath;
+ PurpleCertificate *crt;
- if (x509_ca_quiet_put_cert(crt)) {
- purple_debug_info("certificate/x509/ca",
- "Loaded %s\n",
- fullpath);
- } else {
- purple_debug_error("certificate/x509/ca",
- "Failed to load %s\n",
- fullpath);
+ if ( !g_pattern_match_string(pempat, entry) ) {
+ continue;
+ }
+
+ fullpath = g_build_filename(iter->data, entry, NULL);
+
+ /* TODO: Respond to a failure in the following? */
+ crt = purple_certificate_import(x509, fullpath);
+
+ if (x509_ca_quiet_put_cert(crt)) {
+ purple_debug_info("certificate/x509/ca",
+ "Loaded %s\n",
+ fullpath);
+ } else {
+ purple_debug_error("certificate/x509/ca",
+ "Failed to load %s\n",
+ fullpath);
+ }
+
+ purple_certificate_destroy(crt);
+ g_free(fullpath);
}
-
- purple_certificate_destroy(crt);
- g_free(fullpath);
+ g_dir_close(certdir);
}
g_pattern_spec_free(pempat);
- g_dir_close(certdir);
-
+
purple_debug_info("certificate/x509/ca",
"Lazy init completed.\n");
x509_ca_initialized = TRUE;
@@ -744,6 +739,17 @@ x509_ca_init(void)
static gboolean
x509_ca_init(void)
{
+ /* Attempt to point at the appropriate system path */
+ if (NULL == x509_ca_paths) {
+#ifdef _WIN32
+ x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
+ "ca-certs", NULL));
+#else
+ x509_ca_paths = g_list_append(NULL, g_build_filename(DATADIR,
+ "purple", "ca-certs", NULL));
+#endif
+ }
+
/* Attempt to initialize now, but if it doesn't work, that's OK;
it will get done later */
if ( ! x509_ca_lazy_init()) {
@@ -752,7 +758,7 @@ x509_ca_init(void)
"dependency is not yet registered. "
"It has been deferred to later.\n");
}
-
+
return TRUE;
}
@@ -768,6 +774,9 @@ x509_ca_uninit(void)
g_list_free(x509_ca_certs);
x509_ca_certs = NULL;
x509_ca_initialized = FALSE;
+ g_list_foreach(x509_ca_paths, (GFunc)g_free, NULL);
+ g_list_free(x509_ca_paths);
+ x509_ca_paths = NULL;
}
/** Look up a ca_element by dn */
@@ -1906,3 +1915,10 @@ purple_certificate_display_x509(PurpleCe
g_byte_array_free(sha_bin, TRUE);
}
+void purple_certificate_add_ca_search_path(const char *path)
+{
+ if (g_list_find_custom(x509_ca_paths, path, (GCompareFunc)strcmp))
+ return;
+ x509_ca_paths = g_list_append(x509_ca_paths, g_strdup(path));
+}
+
============================================================
--- libpurple/certificate.h 0f269f14062f20712c94e4b44a4bdb0cb4c9e101
+++ libpurple/certificate.h 32b85f7604dcd1f37ae53188b9c5a45d861a7ec0
@@ -786,6 +786,12 @@ purple_certificate_display_x509(PurpleCe
void
purple_certificate_display_x509(PurpleCertificate *crt);
+/**
+ * Add a search path for certificates.
+ *
+ * @param path Path to search for certificates.
+ */
+void purple_certificate_add_ca_search_path(const char *path);
#ifdef __cplusplus
}
More information about the Commits
mailing list