diff options
author | Remko Tronçon <git@el-tramo.be> | 2010-11-09 22:12:48 (GMT) |
---|---|---|
committer | Remko Tronçon <git@el-tramo.be> | 2010-11-09 22:15:47 (GMT) |
commit | afae15f7cf212c993da8264a4ae89cf8729b3f86 (patch) | |
tree | a165f41a8c7b9fd3e6eee90bdf961013204bf09e | |
parent | bc5b3a02de2e9131bff940c9667f28b2ae588807 (diff) | |
download | swift-contrib-afae15f7cf212c993da8264a4ae89cf8729b3f86.zip swift-contrib-afae15f7cf212c993da8264a4ae89cf8729b3f86.tar.bz2 |
Added Doxygen documentation for some certificate APIs.
-rw-r--r-- | Swiften/Client/Client.h | 6 | ||||
-rw-r--r-- | Swiften/Client/CoreClient.h | 8 | ||||
-rw-r--r-- | Swiften/TLS/BlindCertificateTrustChecker.h | 8 | ||||
-rw-r--r-- | Swiften/TLS/Certificate.h | 4 | ||||
-rw-r--r-- | Swiften/TLS/CertificateTrustChecker.h | 8 |
5 files changed, 34 insertions, 0 deletions
diff --git a/Swiften/Client/Client.h b/Swiften/Client/Client.h index 1a6700e..fa45fdd 100644 --- a/Swiften/Client/Client.h +++ b/Swiften/Client/Client.h @@ -127,6 +127,12 @@ namespace Swift { return discoManager; } + /** + * Configures the client to always trust a non-validating + * TLS certificate from the server. + * This is equivalent to setting a BlindCertificateTrustChecker + * using setCertificateTrustChecker(). + */ void setAlwaysTrustCertificates(); public: diff --git a/Swiften/Client/CoreClient.h b/Swiften/Client/CoreClient.h index 211f84f..628ced0 100644 --- a/Swiften/Client/CoreClient.h +++ b/Swiften/Client/CoreClient.h @@ -133,6 +133,14 @@ namespace Swift { return stanzaChannel_; } + /** + * Sets the certificate trust checker. + * + * This checker will be called when the server sends a + * TLS certificate that does not validate. If the trust checker + * says the certificate is trusted, then connecting will proceed; + * if not, the connection will end with an error. + */ void setCertificateTrustChecker(CertificateTrustChecker*); public: diff --git a/Swiften/TLS/BlindCertificateTrustChecker.h b/Swiften/TLS/BlindCertificateTrustChecker.h index 26a7f94..fc7fbe8 100644 --- a/Swiften/TLS/BlindCertificateTrustChecker.h +++ b/Swiften/TLS/BlindCertificateTrustChecker.h @@ -9,6 +9,14 @@ #include "Swiften/TLS/CertificateTrustChecker.h" namespace Swift { + /** + * A certificate trust checker that trusts any ceritficate. + * + * This can be used to ignore any TLS certificate errors occurring + * during connection. + * + * \see Client::setAlwaysTrustCertificates() + */ class BlindCertificateTrustChecker : public CertificateTrustChecker { public: virtual bool isCertificateTrusted(Certificate::ref, const String&) { diff --git a/Swiften/TLS/Certificate.h b/Swiften/TLS/Certificate.h index 4a3cc8b..89c1de6 100644 --- a/Swiften/TLS/Certificate.h +++ b/Swiften/TLS/Certificate.h @@ -18,6 +18,10 @@ namespace Swift { virtual ~Certificate(); + /** + * Returns the textual representation of the full Subject + * name. + */ virtual String getSubjectName() const = 0; virtual std::vector<String> getCommonNames() const = 0; diff --git a/Swiften/TLS/CertificateTrustChecker.h b/Swiften/TLS/CertificateTrustChecker.h index 070c4bb..7400dac 100644 --- a/Swiften/TLS/CertificateTrustChecker.h +++ b/Swiften/TLS/CertificateTrustChecker.h @@ -12,10 +12,18 @@ #include "Swiften/TLS/Certificate.h" namespace Swift { + /** + * A class to implement a check for certificate trust. + */ class CertificateTrustChecker { public: virtual ~CertificateTrustChecker(); + /** + * This method is called to find out whether a certificate is + * trusted. This usually happens when a certificate's validation + * fails, to check whether to proceed with the connection or not. + */ virtual bool isCertificateTrusted(Certificate::ref certificate, const String& domain) = 0; }; } |