GList*
tlscerts_list(void)
{
GList *res = NULL;
gsize len = 0;
gchar **groups = g_key_file_get_groups(tlscerts, &len);
int i = 0;
for (i = 0; i < g_strv_length(groups); i++) {
char *fingerprint = strdup(groups[i]);
char *domain = g_key_file_get_string(tlscerts, fingerprint, "domain", NULL);
char *organisation = g_key_file_get_string(tlscerts, fingerprint, "organisation", NULL);
char *email = g_key_file_get_string(tlscerts, fingerprint, "email", NULL);
char *notbefore = g_key_file_get_string(tlscerts, fingerprint, "start", NULL);
char *notafter = g_key_file_get_string(tlscerts, fingerprint, "end", NULL);
TLSCertificate *cert = tlscerts_new(fingerprint, domain, organisation, email, notbefore, notafter);
res = g_list_append(res, cert);
}
if (groups) {
g_strfreev(groups);
}
return res;
}
TLSCertificate*
tlscerts_get_trusted(const char * const fingerprint)
{
if (!g_key_file_has_group(tlscerts, fingerprint)) {
return NULL;
}
int version = g_key_file_get_integer(tlscerts, fingerprint, "version", NULL);
char *serialnumber = g_key_file_get_string(tlscerts, fingerprint, "serialnumber", NULL);
char *subjectname = g_key_file_get_string(tlscerts, fingerprint, "subjectname", NULL);
char *issuername = g_key_file_get_string(tlscerts, fingerprint, "issuername", NULL);
char *notbefore = g_key_file_get_string(tlscerts, fingerprint, "start", NULL);
char *notafter = g_key_file_get_string(tlscerts, fingerprint, "end", NULL);
char *keyalg = g_key_file_get_string(tlscerts, fingerprint, "keyalg", NULL);
char *signaturealg = g_key_file_get_string(tlscerts, fingerprint, "signaturealg", NULL);
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
notafter, keyalg, signaturealg);
free(serialnumber);
free(subjectname);
free(issuername);
free(notbefore);
free(notafter);
free(keyalg);
free(signaturealg);
return cert;
}
TLSCertificate*
_xmppcert_to_profcert(xmpp_tlscert_t *xmpptlscert)
{
return tlscerts_new(
xmpp_conn_tlscert_fingerprint(xmpptlscert),
xmpp_conn_tlscert_version(xmpptlscert),
xmpp_conn_tlscert_serialnumber(xmpptlscert),
xmpp_conn_tlscert_subjectname(xmpptlscert),
xmpp_conn_tlscert_issuername(xmpptlscert),
xmpp_conn_tlscert_notbefore(xmpptlscert),
xmpp_conn_tlscert_notafter(xmpptlscert),
xmpp_conn_tlscert_key_algorithm(xmpptlscert),
xmpp_conn_tlscert_signature_algorithm(xmpptlscert));
}
static int
_connection_certfail_cb(xmpp_tlscert_t *xmpptlscert, const char *const errormsg)
{
int version = xmpp_conn_tlscert_version(xmpptlscert);
char *serialnumber = xmpp_conn_tlscert_serialnumber(xmpptlscert);
char *subjectname = xmpp_conn_tlscert_subjectname(xmpptlscert);
char *issuername = xmpp_conn_tlscert_issuername(xmpptlscert);
char *fingerprint = xmpp_conn_tlscert_fingerprint(xmpptlscert);
char *notbefore = xmpp_conn_tlscert_notbefore(xmpptlscert);
char *notafter = xmpp_conn_tlscert_notafter(xmpptlscert);
char *key_alg = xmpp_conn_tlscert_key_algorithm(xmpptlscert);
char *signature_alg = xmpp_conn_tlscert_signature_algorithm(xmpptlscert);
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
notafter, key_alg, signature_alg);
int res = sv_ev_certfail(errormsg, cert);
tlscerts_free(cert);
return res;
}
TLSCertificate*
jabber_get_tls_peer_cert(void)
{
xmpp_tlscert_t *xmpptlscert = xmpp_conn_tls_peer_cert(jabber_conn.conn);
int version = xmpp_conn_tlscert_version(xmpptlscert);
char *serialnumber = xmpp_conn_tlscert_serialnumber(xmpptlscert);
char *subjectname = xmpp_conn_tlscert_subjectname(xmpptlscert);
char *issuername = xmpp_conn_tlscert_issuername(xmpptlscert);
char *fingerprint = xmpp_conn_tlscert_fingerprint(xmpptlscert);
char *notbefore = xmpp_conn_tlscert_notbefore(xmpptlscert);
char *notafter = xmpp_conn_tlscert_notafter(xmpptlscert);
char *key_alg = xmpp_conn_tlscert_key_algorithm(xmpptlscert);
char *signature_alg = xmpp_conn_tlscert_signature_algorithm(xmpptlscert);
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
notafter, key_alg, signature_alg);
xmpp_conn_free_tlscert(jabber_conn.ctx, xmpptlscert);
return cert;
}
GList*
tlscerts_list(void)
{
GList *res = NULL;
gsize len = 0;
gchar **groups = g_key_file_get_groups(tlscerts, &len);
int i = 0;
for (i = 0; i < g_strv_length(groups); i++) {
char *fingerprint = strdup(groups[i]);
int version = g_key_file_get_integer(tlscerts, fingerprint, "version", NULL);
char *serialnumber = g_key_file_get_string(tlscerts, fingerprint, "serialnumber", NULL);
char *subjectname = g_key_file_get_string(tlscerts, fingerprint, "subjectname", NULL);
char *issuername = g_key_file_get_string(tlscerts, fingerprint, "issuername", NULL);
char *notbefore = g_key_file_get_string(tlscerts, fingerprint, "start", NULL);
char *notafter = g_key_file_get_string(tlscerts, fingerprint, "end", NULL);
char *keyalg = g_key_file_get_string(tlscerts, fingerprint, "keyalg", NULL);
char *signaturealg = g_key_file_get_string(tlscerts, fingerprint, "signaturealg", NULL);
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
notafter, keyalg, signaturealg);
free(fingerprint);
free(serialnumber);
free(subjectname);
free(issuername);
free(notbefore);
free(notafter);
free(keyalg);
free(signaturealg);
res = g_list_append(res, cert);
}
if (groups) {
g_strfreev(groups);
}
return res;
}