summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2016-03-31 14:57:35 (GMT)
committerTobias Markmann <tm@ayena.de>2016-03-31 14:57:35 (GMT)
commitcfbdb43d2cadd40aa87338d41548e4bf89e146e6 (patch)
tree18d94153a302445196fc0c18586abf44a1ce4a38 /Swiften/TLS/ServerIdentityVerifier.cpp
parent1d545a4a7fb877f021508094b88c1f17b30d8b4e (diff)
downloadswift-cfbdb43d2cadd40aa87338d41548e4bf89e146e6.zip
swift-cfbdb43d2cadd40aa87338d41548e4bf89e146e6.tar.bz2
Convert tabs to 4 spaces for all source files
Removed trailing spaces and whitespace on empty lines in the process. Changed CheckTabs.py tool to disallow hard tabs in source files. Test-Information: Manually checked 30 random files that the conversion worked as expected. Change-Id: I874f99d617bd3d2bb55f02d58f22f58f9b094480
Diffstat (limited to 'Swiften/TLS/ServerIdentityVerifier.cpp')
-rw-r--r--Swiften/TLS/ServerIdentityVerifier.cpp124
1 files changed, 62 insertions, 62 deletions
diff --git a/Swiften/TLS/ServerIdentityVerifier.cpp b/Swiften/TLS/ServerIdentityVerifier.cpp
index 19d7489..b247585 100644
--- a/Swiften/TLS/ServerIdentityVerifier.cpp
+++ b/Swiften/TLS/ServerIdentityVerifier.cpp
@@ -14,82 +14,82 @@
namespace Swift {
ServerIdentityVerifier::ServerIdentityVerifier(const JID& jid, IDNConverter* idnConverter) : domainValid(false) {
- domain = jid.getDomain();
- boost::optional<std::string> domainResult = idnConverter->getIDNAEncoded(domain);
- if (!!domainResult) {
- encodedDomain = *domainResult;
- domainValid = true;
- }
+ domain = jid.getDomain();
+ boost::optional<std::string> domainResult = idnConverter->getIDNAEncoded(domain);
+ if (!!domainResult) {
+ encodedDomain = *domainResult;
+ domainValid = true;
+ }
}
bool ServerIdentityVerifier::certificateVerifies(Certificate::ref certificate) {
- bool hasSAN = false;
+ bool hasSAN = false;
- if (certificate == NULL) {
- return false;
- }
- // DNS names
- std::vector<std::string> dnsNames = certificate->getDNSNames();
- foreach (const std::string& dnsName, dnsNames) {
- if (matchesDomain(dnsName)) {
- return true;
- }
- }
- hasSAN |= !dnsNames.empty();
+ if (certificate == NULL) {
+ return false;
+ }
+ // DNS names
+ std::vector<std::string> dnsNames = certificate->getDNSNames();
+ foreach (const std::string& dnsName, dnsNames) {
+ if (matchesDomain(dnsName)) {
+ return true;
+ }
+ }
+ hasSAN |= !dnsNames.empty();
- // SRV names
- std::vector<std::string> srvNames = certificate->getSRVNames();
- foreach (const std::string& srvName, srvNames) {
- // Only match SRV names that begin with the service; this isn't required per
- // spec, but we're being purist about this.
- if (boost::starts_with(srvName, "_xmpp-client.") && matchesDomain(srvName.substr(std::string("_xmpp-client.").size(), srvName.npos))) {
- return true;
- }
- }
- hasSAN |= !srvNames.empty();
+ // SRV names
+ std::vector<std::string> srvNames = certificate->getSRVNames();
+ foreach (const std::string& srvName, srvNames) {
+ // Only match SRV names that begin with the service; this isn't required per
+ // spec, but we're being purist about this.
+ if (boost::starts_with(srvName, "_xmpp-client.") && matchesDomain(srvName.substr(std::string("_xmpp-client.").size(), srvName.npos))) {
+ return true;
+ }
+ }
+ hasSAN |= !srvNames.empty();
- // XmppAddr
- std::vector<std::string> xmppAddresses = certificate->getXMPPAddresses();
- foreach (const std::string& xmppAddress, xmppAddresses) {
- if (matchesAddress(xmppAddress)) {
- return true;
- }
- }
- hasSAN |= !xmppAddresses.empty();
+ // XmppAddr
+ std::vector<std::string> xmppAddresses = certificate->getXMPPAddresses();
+ foreach (const std::string& xmppAddress, xmppAddresses) {
+ if (matchesAddress(xmppAddress)) {
+ return true;
+ }
+ }
+ hasSAN |= !xmppAddresses.empty();
- // CommonNames. Only check this if there was no SAN (according to spec).
- if (!hasSAN) {
- std::vector<std::string> commonNames = certificate->getCommonNames();
- foreach (const std::string& commonName, commonNames) {
- if (matchesDomain(commonName)) {
- return true;
- }
- }
- }
+ // CommonNames. Only check this if there was no SAN (according to spec).
+ if (!hasSAN) {
+ std::vector<std::string> commonNames = certificate->getCommonNames();
+ foreach (const std::string& commonName, commonNames) {
+ if (matchesDomain(commonName)) {
+ return true;
+ }
+ }
+ }
- return false;
+ return false;
}
bool ServerIdentityVerifier::matchesDomain(const std::string& s) const {
- if (!domainValid) {
- return false;
- }
- if (boost::starts_with(s, "*.")) {
- std::string matchString(s.substr(2, s.npos));
- std::string matchDomain = encodedDomain;
- size_t dotIndex = matchDomain.find('.');
- if (dotIndex != matchDomain.npos) {
- matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
- }
- return matchString == matchDomain;
- }
- else {
- return s == encodedDomain;
- }
+ if (!domainValid) {
+ return false;
+ }
+ if (boost::starts_with(s, "*.")) {
+ std::string matchString(s.substr(2, s.npos));
+ std::string matchDomain = encodedDomain;
+ size_t dotIndex = matchDomain.find('.');
+ if (dotIndex != matchDomain.npos) {
+ matchDomain = matchDomain.substr(dotIndex + 1, matchDomain.npos);
+ }
+ return matchString == matchDomain;
+ }
+ else {
+ return s == encodedDomain;
+ }
}
bool ServerIdentityVerifier::matchesAddress(const std::string& s) const {
- return s == domain;
+ return s == domain;
}
}