diff options
author | Tobias Markmann <tm@ayena.de> | 2012-05-04 21:39:30 (GMT) |
---|---|---|
committer | Remko Tronçon <git@el-tramo.be> | 2012-05-11 19:29:38 (GMT) |
commit | 0f91f88ac69644fb7e7bdbf601b7e098194490fa (patch) | |
tree | e66ca4acbf869c82bba607ca9c394a47615c6e6e /Swiften/TLS/Schannel | |
parent | 15ed4a079a8bbe3cc9ee2ca47233be7b890464ec (diff) | |
download | swift-0f91f88ac69644fb7e7bdbf601b7e098194490fa.zip swift-0f91f88ac69644fb7e7bdbf601b7e098194490fa.tar.bz2 |
Showing stream encryption status in the roster header. Provide native certificate viewers on click.
Native viewers for Windows and Mac OS X are implemented.
Added TODOs to OpenSSL based TLS interface related to CRL and OCSP.
Resolves: #167
License: This patch is BSD-licensed, see http://www.opensource.org/licenses/bsd-license.php
Diffstat (limited to 'Swiften/TLS/Schannel')
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.cpp | 29 | ||||
-rw-r--r-- | Swiften/TLS/Schannel/SchannelContext.h | 1 |
2 files changed, 30 insertions, 0 deletions
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp index 641568d..997d760 100644 --- a/Swiften/TLS/Schannel/SchannelContext.cpp +++ b/Swiften/TLS/Schannel/SchannelContext.cpp @@ -633,6 +633,35 @@ Certificate::ref SchannelContext::getPeerCertificate() const { //------------------------------------------------------------------------ +std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const { + std::vector<Certificate::ref> certificateChain; + ScopedCertContext pServerCert; + ScopedCertContext pIssuerCert; + ScopedCertContext pCurrentCert; + SECURITY_STATUS status = QueryContextAttributes(m_ctxtHandle, SECPKG_ATTR_REMOTE_CERT_CONTEXT, pServerCert.Reset()); + + if (status != SEC_E_OK) { + return certificateChain; + } + certificateChain.push_back(boost::make_shared<SchannelCertificate>(pServerCert)); + + pCurrentCert = pServerCert; + while(pCurrentCert.GetPointer()) { + DWORD dwVerificationFlags = 0; + pIssuerCert = CertGetIssuerCertificateFromStore(pServerCert->hCertStore, pCurrentCert, NULL, &dwVerificationFlags ); + if (!(*pIssuerCert.GetPointer())) { + break; + } + certificateChain.push_back(boost::make_shared<SchannelCertificate>(pIssuerCert)); + + pCurrentCert = pIssuerCert; + pIssuerCert = NULL; + } + return certificateChain; +} + +//------------------------------------------------------------------------ + CertificateVerificationError::ref SchannelContext::getPeerCertificateVerificationError() const { return m_verificationError ? boost::make_shared<CertificateVerificationError>(*m_verificationError) : CertificateVerificationError::ref(); } diff --git a/Swiften/TLS/Schannel/SchannelContext.h b/Swiften/TLS/Schannel/SchannelContext.h index 587d0e7..2d65a8a 100644 --- a/Swiften/TLS/Schannel/SchannelContext.h +++ b/Swiften/TLS/Schannel/SchannelContext.h @@ -51,6 +51,7 @@ namespace Swift virtual void handleDataFromApplication(const SafeByteArray& data); virtual Certificate::ref getPeerCertificate() const; + virtual std::vector<Certificate::ref> getPeerCertificateChain() const; virtual CertificateVerificationError::ref getPeerCertificateVerificationError() const; virtual ByteArray getFinishMessage() const; |