Manual certificate verification.dreijer/schannel

Added two additional TLS errors related to revocation. License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
author: dreijer <dreijer@echobit.net> 2012-03-22 14:17:38 (GMT)
committer: dreijer <dreijer@echobit.net> 2012-03-22 15:56:31 (GMT)
commit: 5f9e12d9d197195a859ad523a39fdb752f2c4cff (patch)
tree: 827b31bc062cfef1432eb4b984760ec48d9e32b0 /Swiften/Client
parent: 2fa37f2976b933ca0bcf5f85dd1615805776d67d (diff)
download: swift-contrib-dreijer/schannel.zip
swift-contrib-dreijer/schannel.tar.bz2
2 files changed, 8 insertions, 0 deletions
diff --git a/Swiften/Client/ClientError.h b/Swiften/Client/ClientError.h
index baf1b0a..2f2d2af 100644
--- a/Swiften/Client/ClientError.h
+++ b/Swiften/Client/ClientError.h
@@ -8,45 +8,47 @@
 
 namespace Swift {
 	class ClientError {
 		public:
 			enum Type {
 				UnknownError,
 				DomainNameResolveError,
 				ConnectionError,
 				ConnectionReadError,
 				ConnectionWriteError,
 				XMLError,
 				AuthenticationFailedError,
 				CompressionFailedError,
 				ServerVerificationFailedError,
 				NoSupportedAuthMechanismsError,
 				UnexpectedElementError,
 				ResourceBindError,
 				SessionStartError,
 				StreamError,
 				TLSError,
 				ClientCertificateLoadError,
 				ClientCertificateError,
 
 				// Certificate verification errors
 				UnknownCertificateError,
 				CertificateExpiredError,
 				CertificateNotYetValidError,
 				CertificateSelfSignedError,
 				CertificateRejectedError,
 				CertificateUntrustedError,
 				InvalidCertificatePurposeError,
 				CertificatePathLengthExceededError,
 				InvalidCertificateSignatureError,
 				InvalidCAError,
 				InvalidServerIdentityError,
+				RevokedError,
+				RevocationCheckFailedError
 			};
 
 			ClientError(Type type = UnknownError) : type_(type) {}
 
 			Type getType() const { return type_; }
 
 		private:
 			Type type_;
 	};
 }
diff --git a/Swiften/Client/CoreClient.cpp b/Swiften/Client/CoreClient.cpp
index f7e3b21..14481c6 100644
--- a/Swiften/Client/CoreClient.cpp
+++ b/Swiften/Client/CoreClient.cpp
@@ -239,70 +239,76 @@ void CoreClient::handleSessionFinished(boost::shared_ptr<Error> error) {
 		else if (boost::shared_ptr<CertificateVerificationError> verificationError = boost::dynamic_pointer_cast<CertificateVerificationError>(error)) {
 			switch(verificationError->getType()) {
 				case CertificateVerificationError::UnknownError: 
 					clientError = ClientError(ClientError::UnknownCertificateError);
 					break;
 				case CertificateVerificationError::Expired: 
 					clientError = ClientError(ClientError::CertificateExpiredError);
 					break;
 				case CertificateVerificationError::NotYetValid: 
 					clientError = ClientError(ClientError::CertificateNotYetValidError);
 					break;
 				case CertificateVerificationError::SelfSigned: 
 					clientError = ClientError(ClientError::CertificateSelfSignedError);
 					break;
 				case CertificateVerificationError::Rejected: 
 					clientError = ClientError(ClientError::CertificateRejectedError);
 					break;
 				case CertificateVerificationError::Untrusted: 
 					clientError = ClientError(ClientError::CertificateUntrustedError);
 					break;
 				case CertificateVerificationError::InvalidPurpose: 
 					clientError = ClientError(ClientError::InvalidCertificatePurposeError);
 					break;
 				case CertificateVerificationError::PathLengthExceeded: 
 					clientError = ClientError(ClientError::CertificatePathLengthExceededError);
 					break;
 				case CertificateVerificationError::InvalidSignature: 
 					clientError = ClientError(ClientError::InvalidCertificateSignatureError);
 					break;
 				case CertificateVerificationError::InvalidCA: 
 					clientError = ClientError(ClientError::InvalidCAError);
 					break;
 				case CertificateVerificationError::InvalidServerIdentity:
 					clientError = ClientError(ClientError::InvalidServerIdentityError);
 					break;
+				case CertificateVerificationError::Revoked:
+					clientError = ClientError(ClientError::RevokedError);
+					break;
+				case CertificateVerificationError::RevocationCheckFailed:
+					clientError = ClientError(ClientError::RevocationCheckFailedError);
+					break;
 			}
 		}
 		actualError = boost::optional<ClientError>(clientError);
 	}
 	onDisconnected(actualError);
 }
 
 void CoreClient::handleNeedCredentials() {
 	assert(session_);
 	session_->sendCredentials(password_);
 	if (options.forgetPassword) {
 		purgePassword();
 	}
 }
 
 void CoreClient::handleDataRead(const SafeByteArray& data) {
 	onDataRead(data);
 }
 
 void CoreClient::handleDataWritten(const SafeByteArray& data) {
 	onDataWritten(data);
 }
 
 void CoreClient::handleStanzaChannelAvailableChanged(bool available) {
 	if (available) {
 		iqRouter_->setJID(session_->getLocalJID());
 		handleConnected();
 		onConnected();
 	}
 }
 
 void CoreClient::sendMessage(boost::shared_ptr<Message> message) {
 	stanzaChannel_->sendMessage(message);
 }
author	dreijer <dreijer@echobit.net>	2012-03-22 14:17:38 (GMT)
committer	dreijer <dreijer@echobit.net>	2012-03-22 15:56:31 (GMT)
commit	5f9e12d9d197195a859ad523a39fdb752f2c4cff (patch)
tree	827b31bc062cfef1432eb4b984760ec48d9e32b0 /Swiften/Client
parent	2fa37f2976b933ca0bcf5f85dd1615805776d67d (diff)
download	swift-contrib-dreijer/schannel.zip swift-contrib-dreijer/schannel.tar.bz2