summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexey Melnikov <alexey.melnikov@isode.com>2012-02-13 17:54:23 (GMT)
committerKevin Smith <git@kismith.co.uk>2012-02-22 14:08:13 (GMT)
commit110eb87e848b85dd74a6f19413c775520a75ea35 (patch)
treeb10236387180fca676a29f24c747c9d0fd94d8dd /Swiften/Client/CoreClient.cpp
parent64fc103d0d5d1d523d00dcc5b231715160475f7e (diff)
downloadswift-contrib-110eb87e848b85dd74a6f19413c775520a75ea35.zip
swift-contrib-110eb87e848b85dd74a6f19413c775520a75ea35.tar.bz2
Initial implementation of using CAPI certificates with Schannel.
Introduced a new parent class for all certificates with keys (class CertificateWithKey is the new parent for PKCS12Certificate.) Switched to using "CertificateWithKey *" instead of "const CertificateWithKey&" Added calling of a Windows dialog for certificate selection when Schannel TLS implementation is used. This compiles, but is not tested. License: This patch is BSD-licensed, see Documentation/Licenses/BSD-simplified.txt for details.
Diffstat (limited to 'Swiften/Client/CoreClient.cpp')
-rw-r--r--Swiften/Client/CoreClient.cpp27
1 files changed, 26 insertions, 1 deletions
diff --git a/Swiften/Client/CoreClient.cpp b/Swiften/Client/CoreClient.cpp
index de12fb7..36bfe35 100644
--- a/Swiften/Client/CoreClient.cpp
+++ b/Swiften/Client/CoreClient.cpp
@@ -126,6 +126,19 @@ void CoreClient::bindSessionToStream() {
session_->start();
}
+bool CoreClient::isCAPIURI() {
+#ifdef HAVE_SCHANNEL
+ if (!boost::iequals(certificate_.substr(0, 10), "certstore:")) {
+ return false;
+ }
+
+ return true;
+
+#else
+ return false;
+#endif
+}
+
/**
* Only called for TCP sessions. BOSH is handled inside the BOSHSessionStream.
*/
@@ -144,7 +157,19 @@ void CoreClient::handleConnectorFinished(boost::shared_ptr<Connection> connectio
assert(!sessionStream_);
sessionStream_ = boost::make_shared<BasicSessionStream>(ClientStreamType, connection_, getPayloadParserFactories(), getPayloadSerializers(), networkFactories->getTLSContextFactory(), networkFactories->getTimerFactory(), networkFactories->getXMLParserFactory());
if (!certificate_.empty()) {
- sessionStream_->setTLSCertificate(PKCS12Certificate(certificate_, password_));
+ CertificateWithKey* cert;
+
+#if defined(SWIFTEN_PLATFORM_WIN32)
+ if (isCAPIURI()) {
+ cert = new CAPICertificate(certificate_);
+ } else {
+ cert = new PKCS12Certificate(certificate_, password_);
+ }
+#else
+ cert = new PKCS12Certificate(certificate_, password_);
+#endif
+
+ sessionStream_->setTLSCertificate(cert);
}
sessionStream_->onDataRead.connect(boost::bind(&CoreClient::handleDataRead, this, _1));
sessionStream_->onDataWritten.connect(boost::bind(&CoreClient::handleDataWritten, this, _1));