summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWill Thompson <will.thompson@collabora.co.uk>2009-07-07 11:00:50 (GMT)
committerWill Thompson <will.thompson@collabora.co.uk>2009-07-07 11:07:07 (GMT)
commit5b4ed6785f9e35e835e91b09a4dea4538641b09f (patch)
treef8a14e44407092515e65b0ef53e297ceb6881cf7
parente979f51009e798ec940bb4cf8dda8d80afe9f288 (diff)
downloadpidgin-5b4ed6785f9e35e835e91b09a4dea4538641b09f.tar.gz
pidgin-5b4ed6785f9e35e835e91b09a4dea4538641b09f.tar.xz
Allow UIs to accept certificates with bad certs
-rw-r--r--libpurple/certificate.c14
-rw-r--r--libpurple/certificate.h1
2 files changed, 14 insertions, 1 deletions
diff --git a/libpurple/certificate.c b/libpurple/certificate.c
index 30297f1..99d4e1e 100644
--- a/libpurple/certificate.c
+++ b/libpurple/certificate.c
@@ -1441,13 +1441,25 @@ x509_tls_cached_unknown_peer(PurpleCertificateVerificationRequest *vrq)
/* Check the signature */
if ( !purple_certificate_signed_by(end_crt, ca_crt) ) {
+ gchar *secondary;
+
+ if (purple_request_untrusted_cert_supported ())
+ purple_request_untrusted_cert (vrq->cb_data,
+ vrq_get_account (vrq),
+ vrq->subject_name, vrq->cert_chain,
+ PURPLE_CERTIFICATE_INVALID_SIGNATURE,
+ x509_tls_cached_user_auth_response_cb,
+ vrq);
+ return;
+ }
+
/* TODO: If signed_by ever returns a reason, maybe mention
that, too. */
/* TODO: Also mention the CA involved. While I could do this
now, a full DN is a little much with which to assault the
user's poor, leaky eyes. */
/* TODO: This error message makes my eyes cross, and I wrote it */
- gchar * secondary =
+ secondary =
g_strdup_printf(_("The certificate chain presented by "
"%s does not have a valid digital "
"signature from the Certificate "
diff --git a/libpurple/certificate.h b/libpurple/certificate.h
index 7afb843..6d3a49f 100644
--- a/libpurple/certificate.h
+++ b/libpurple/certificate.h
@@ -53,6 +53,7 @@ typedef enum
{
PURPLE_CERTIFICATE_SELF_SIGNED = 0,
PURPLE_CERTIFICATE_INVALID_CHAIN,
+ PURPLE_CERTIFICATE_INVALID_SIGNATURE,
PURPLE_CERTIFICATE_UNKNOWN_ROOT,
PURPLE_CERTIFICATE_HOSTNAME_MISMATCH,
} PurpleCertificateVerificationReason;