mirror of
https://github.com/profanity-im/profanity.git
synced 2024-12-04 14:46:46 -05:00
Added extra fields to TLSCertificate
This commit is contained in:
parent
efb732e3c1
commit
0bb596e14a
@ -119,11 +119,17 @@ tlscerts_list(void)
|
||||
int i = 0;
|
||||
for (i = 0; i < g_strv_length(groups); i++) {
|
||||
char *fingerprint = strdup(groups[i]);
|
||||
int version = g_key_file_get_integer(tlscerts, fingerprint, "version", NULL);
|
||||
char *serialnumber = g_key_file_get_string(tlscerts, fingerprint, "serialnumber", NULL);
|
||||
char *subjectname = g_key_file_get_string(tlscerts, fingerprint, "subjectname", NULL);
|
||||
char *issuername = g_key_file_get_string(tlscerts, fingerprint, "issuername", NULL);
|
||||
char *notbefore = g_key_file_get_string(tlscerts, fingerprint, "start", NULL);
|
||||
char *notafter = g_key_file_get_string(tlscerts, fingerprint, "end", NULL);
|
||||
char *keyalg = g_key_file_get_string(tlscerts, fingerprint, "keyalg", NULL);
|
||||
char *signaturealg = g_key_file_get_string(tlscerts, fingerprint, "signaturealg", NULL);
|
||||
|
||||
TLSCertificate *cert = tlscerts_new(fingerprint, subjectname, notbefore, notafter);
|
||||
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
|
||||
notafter, keyalg, signaturealg);
|
||||
|
||||
res = g_list_append(res, cert);
|
||||
}
|
||||
@ -136,20 +142,32 @@ tlscerts_list(void)
|
||||
}
|
||||
|
||||
TLSCertificate*
|
||||
tlscerts_new(const char *const fingerprint, const char *const subjectname, const char *const notbefore,
|
||||
const char *const notafter)
|
||||
tlscerts_new(const char *const fingerprint, int version, const char *const serialnumber, const char *const subjectname,
|
||||
const char *const issuername, const char *const notbefore, const char *const notafter,
|
||||
const char *const key_alg, const char *const signature_alg)
|
||||
{
|
||||
TLSCertificate *cert = malloc(sizeof(TLSCertificate));
|
||||
|
||||
if (fingerprint) {
|
||||
cert->fingerprint = strdup(fingerprint);
|
||||
} else {
|
||||
cert->fingerprint = NULL;
|
||||
}
|
||||
cert->version = version;
|
||||
if (serialnumber) {
|
||||
cert->serialnumber = strdup(serialnumber);
|
||||
} else {
|
||||
cert->serialnumber = NULL;
|
||||
}
|
||||
if (subjectname) {
|
||||
cert->subjectname = strdup(subjectname);
|
||||
} else {
|
||||
cert->subjectname = NULL;
|
||||
}
|
||||
if (fingerprint) {
|
||||
cert->fingerprint = strdup(fingerprint);
|
||||
if (issuername) {
|
||||
cert->issuername = strdup(issuername);
|
||||
} else {
|
||||
cert->fingerprint = NULL;
|
||||
cert->issuername = NULL;
|
||||
}
|
||||
if (notbefore) {
|
||||
cert->notbefore = strdup(notbefore);
|
||||
@ -161,23 +179,94 @@ tlscerts_new(const char *const fingerprint, const char *const subjectname, const
|
||||
} else {
|
||||
cert->notafter = NULL;
|
||||
}
|
||||
if (key_alg) {
|
||||
cert->key_alg = strdup(key_alg);
|
||||
} else {
|
||||
cert->key_alg = NULL;
|
||||
}
|
||||
if (signature_alg) {
|
||||
cert->signature_alg = strdup(signature_alg);
|
||||
} else {
|
||||
cert->signature_alg = NULL;
|
||||
}
|
||||
|
||||
cert->domain = NULL;
|
||||
cert->email = NULL;
|
||||
cert->organisation = NULL;
|
||||
cert->subject_country = NULL;
|
||||
cert->subject_state = NULL;
|
||||
cert->subject_distinguishedname = NULL;
|
||||
cert->subject_serialnumber = NULL;
|
||||
cert->subject_commonname = NULL;
|
||||
cert->subject_organisation = NULL;
|
||||
cert->subject_organisation_unit = NULL;
|
||||
cert->subject_email = NULL;
|
||||
gchar** fields = g_strsplit(subjectname, "/", 0);
|
||||
int i = 0;
|
||||
for (i = 0; i < g_strv_length(fields); i++) {
|
||||
gchar** keyval = g_strsplit(fields[i], "=", 2);
|
||||
if (g_strv_length(keyval) == 2) {
|
||||
if (g_strcmp0(keyval[0], "CN") == 0) {
|
||||
cert->domain = strdup(keyval[1]);
|
||||
if ((g_strcmp0(keyval[0], "C") == 0) || (g_strcmp0(keyval[0], "countryName") == 0)) {
|
||||
cert->subject_country = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "O") == 0) {
|
||||
cert->organisation = strdup(keyval[1]);
|
||||
if ((g_strcmp0(keyval[0], "ST") == 0) || (g_strcmp0(keyval[0], "stateOrProvinceName") == 0)) {
|
||||
cert->subject_state = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "dnQualifier") == 0) {
|
||||
cert->subject_distinguishedname = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "serialnumber") == 0) {
|
||||
cert->subject_serialnumber = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "CN") == 0) || (g_strcmp0(keyval[0], "commonName") == 0)) {
|
||||
cert->subject_commonname = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "O") == 0) || (g_strcmp0(keyval[0], "organizationName") == 0)) {
|
||||
cert->subject_organisation = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "OU") == 0) || (g_strcmp0(keyval[0], "organizationalUnitName") == 0)) {
|
||||
cert->subject_organisation_unit = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "emailAddress") == 0) {
|
||||
cert->email = strdup(keyval[1]);
|
||||
cert->subject_email = strdup(keyval[1]);
|
||||
}
|
||||
}
|
||||
g_strfreev(keyval);
|
||||
}
|
||||
g_strfreev(fields);
|
||||
|
||||
cert->issuer_country = NULL;
|
||||
cert->issuer_state = NULL;
|
||||
cert->issuer_distinguishedname = NULL;
|
||||
cert->issuer_serialnumber = NULL;
|
||||
cert->issuer_commonname = NULL;
|
||||
cert->issuer_organisation = NULL;
|
||||
cert->issuer_organisation_unit = NULL;
|
||||
cert->issuer_email = NULL;
|
||||
fields = g_strsplit(issuername, "/", 0);
|
||||
for (i = 0; i < g_strv_length(fields); i++) {
|
||||
gchar** keyval = g_strsplit(fields[i], "=", 2);
|
||||
if (g_strv_length(keyval) == 2) {
|
||||
if ((g_strcmp0(keyval[0], "C") == 0) || (g_strcmp0(keyval[0], "countryName") == 0)) {
|
||||
cert->issuer_country = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "ST") == 0) || (g_strcmp0(keyval[0], "stateOrProvinceName") == 0)) {
|
||||
cert->issuer_state = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "dnQualifier") == 0) {
|
||||
cert->issuer_distinguishedname = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "serialnumber") == 0) {
|
||||
cert->issuer_serialnumber = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "CN") == 0) || (g_strcmp0(keyval[0], "commonName") == 0)) {
|
||||
cert->issuer_commonname = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "O") == 0) || (g_strcmp0(keyval[0], "organizationName") == 0)) {
|
||||
cert->issuer_organisation = strdup(keyval[1]);
|
||||
}
|
||||
if ((g_strcmp0(keyval[0], "OU") == 0) || (g_strcmp0(keyval[0], "organizationalUnitName") == 0)) {
|
||||
cert->issuer_organisation_unit = strdup(keyval[1]);
|
||||
}
|
||||
if (g_strcmp0(keyval[0], "emailAddress") == 0) {
|
||||
cert->issuer_email = strdup(keyval[1]);
|
||||
}
|
||||
}
|
||||
g_strfreev(keyval);
|
||||
@ -200,15 +289,28 @@ tlscerts_add(TLSCertificate *cert)
|
||||
|
||||
autocomplete_add(certs_ac, cert->fingerprint);
|
||||
|
||||
g_key_file_set_integer(tlscerts, cert->fingerprint, "version", cert->version);
|
||||
if (cert->serialnumber) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "serialnumber", cert->serialnumber);
|
||||
}
|
||||
if (cert->subjectname) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "subjectname", cert->subjectname);
|
||||
}
|
||||
if (cert->issuername) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "issuername", cert->issuername);
|
||||
}
|
||||
if (cert->notbefore) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "start", cert->notbefore);
|
||||
}
|
||||
if (cert->notafter) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "end", cert->notafter);
|
||||
}
|
||||
if (cert->key_alg) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "keyalg", cert->key_alg);
|
||||
}
|
||||
if (cert->signature_alg) {
|
||||
g_key_file_set_string(tlscerts, cert->fingerprint, "signaturealg", cert->signature_alg);
|
||||
}
|
||||
|
||||
_save_tlscerts();
|
||||
}
|
||||
@ -242,13 +344,34 @@ void
|
||||
tlscerts_free(TLSCertificate *cert)
|
||||
{
|
||||
if (cert) {
|
||||
free(cert->serialnumber);
|
||||
|
||||
free(cert->subjectname);
|
||||
free(cert->fingerprint);
|
||||
free(cert->domain);
|
||||
free(cert->organisation);
|
||||
free(cert->email);
|
||||
free(cert->subject_country);
|
||||
free(cert->subject_state);
|
||||
free(cert->subject_distinguishedname);
|
||||
free(cert->subject_serialnumber);
|
||||
free(cert->subject_commonname);
|
||||
free(cert->subject_organisation);
|
||||
free(cert->subject_organisation_unit);
|
||||
free(cert->subject_email);
|
||||
|
||||
free(cert->issuername);
|
||||
free(cert->issuer_country);
|
||||
free(cert->issuer_state);
|
||||
free(cert->issuer_distinguishedname);
|
||||
free(cert->issuer_serialnumber);
|
||||
free(cert->issuer_commonname);
|
||||
free(cert->issuer_organisation);
|
||||
free(cert->issuer_organisation_unit);
|
||||
free(cert->issuer_email);
|
||||
|
||||
free(cert->notbefore);
|
||||
free(cert->notafter);
|
||||
free(cert->fingerprint);
|
||||
|
||||
free(cert->key_alg);
|
||||
free(cert->signature_alg);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -36,19 +36,38 @@
|
||||
#define TLSCERTS_H
|
||||
|
||||
typedef struct tls_cert_t {
|
||||
char *fingerprint;
|
||||
char *domain;
|
||||
int version;
|
||||
char *serialnumber;
|
||||
char *subjectname;
|
||||
char *organisation;
|
||||
char *email;
|
||||
char *subject_country;
|
||||
char *subject_state;
|
||||
char *subject_distinguishedname;
|
||||
char *subject_serialnumber;
|
||||
char *subject_commonname;
|
||||
char *subject_organisation;
|
||||
char *subject_organisation_unit;
|
||||
char *subject_email;
|
||||
char *issuername;
|
||||
char *issuer_country;
|
||||
char *issuer_state;
|
||||
char *issuer_distinguishedname;
|
||||
char *issuer_serialnumber;
|
||||
char *issuer_commonname;
|
||||
char *issuer_organisation;
|
||||
char *issuer_organisation_unit;
|
||||
char *issuer_email;
|
||||
char *notbefore;
|
||||
char *notafter;
|
||||
char *fingerprint;
|
||||
char *key_alg;
|
||||
char *signature_alg;
|
||||
} TLSCertificate;
|
||||
|
||||
void tlscerts_init(void);
|
||||
|
||||
TLSCertificate* tlscerts_new(const char *const fingerprint, const char *const subjectname, const char *const notbefore,
|
||||
const char *const notafter);
|
||||
TLSCertificate* tlscerts_new(const char *const fingerprint, int version, const char *const serialnumber, const char *const subjectname,
|
||||
const char *const issuername, const char *const notbefore, const char *const notafter,
|
||||
const char *const key_alg, const char *const signature_alg);
|
||||
|
||||
void tlscerts_set_current(const char *const fp);
|
||||
|
||||
|
@ -196,18 +196,76 @@ cons_show_tlscert(TLSCertificate *cert)
|
||||
}
|
||||
|
||||
cons_show("Certificate:");
|
||||
if (cert->domain) {
|
||||
cons_show(" Domain : %s", cert->domain);
|
||||
|
||||
cons_show(" Subject:");
|
||||
if (cert->subject_commonname) {
|
||||
cons_show(" Common name : %s", cert->subject_commonname);
|
||||
}
|
||||
if (cert->organisation) {
|
||||
cons_show(" Organisation : %s", cert->organisation);
|
||||
if (cert->subject_distinguishedname) {
|
||||
cons_show(" Distinguished name : %s", cert->subject_distinguishedname);
|
||||
}
|
||||
if (cert->email) {
|
||||
cons_show(" Email : %s", cert->email);
|
||||
if (cert->subject_organisation) {
|
||||
cons_show(" Organisation : %s", cert->subject_organisation);
|
||||
}
|
||||
cons_show(" Fingerprint : %s", cert->fingerprint);
|
||||
cons_show(" Start : %s", cert->notbefore);
|
||||
cons_show(" End : %s", cert->notafter);
|
||||
if (cert->subject_organisation_unit) {
|
||||
cons_show(" Organisation unit : %s", cert->subject_organisation_unit);
|
||||
}
|
||||
if (cert->subject_email) {
|
||||
cons_show(" Email : %s", cert->subject_email);
|
||||
}
|
||||
if (cert->subject_state) {
|
||||
cons_show(" State : %s", cert->subject_state);
|
||||
}
|
||||
if (cert->subject_country) {
|
||||
cons_show(" Country : %s", cert->subject_country);
|
||||
}
|
||||
if (cert->subject_serialnumber) {
|
||||
cons_show(" Serial number : %s", cert->subject_serialnumber);
|
||||
}
|
||||
|
||||
cons_show(" Issuer:");
|
||||
if (cert->issuer_commonname) {
|
||||
cons_show(" Common name : %s", cert->issuer_commonname);
|
||||
}
|
||||
if (cert->issuer_distinguishedname) {
|
||||
cons_show(" Distinguished name : %s", cert->issuer_distinguishedname);
|
||||
}
|
||||
if (cert->issuer_organisation) {
|
||||
cons_show(" Organisation : %s", cert->issuer_organisation);
|
||||
}
|
||||
if (cert->issuer_organisation_unit) {
|
||||
cons_show(" Organisation unit : %s", cert->issuer_organisation_unit);
|
||||
}
|
||||
if (cert->issuer_email) {
|
||||
cons_show(" Email : %s", cert->issuer_email);
|
||||
}
|
||||
if (cert->issuer_state) {
|
||||
cons_show(" State : %s", cert->issuer_state);
|
||||
}
|
||||
if (cert->issuer_country) {
|
||||
cons_show(" Country : %s", cert->issuer_country);
|
||||
}
|
||||
if (cert->issuer_serialnumber) {
|
||||
cons_show(" Serial number : %s", cert->issuer_serialnumber);
|
||||
}
|
||||
|
||||
cons_show(" Version : %d", cert->version);
|
||||
|
||||
if (cert->serialnumber) {
|
||||
cons_show(" Serial number : %s", cert->serialnumber);
|
||||
}
|
||||
|
||||
if (cert->key_alg) {
|
||||
cons_show(" Key algorithm : %s", cert->key_alg);
|
||||
}
|
||||
if (cert->signature_alg) {
|
||||
cons_show(" Signature algorithm : %s", cert->signature_alg);
|
||||
}
|
||||
|
||||
cons_show(" Start : %s", cert->notbefore);
|
||||
cons_show(" End : %s", cert->notafter);
|
||||
|
||||
cons_show(" Fingerprint : %s", cert->fingerprint);
|
||||
}
|
||||
|
||||
void
|
||||
|
@ -389,12 +389,18 @@ _connection_free_session_data(void)
|
||||
static int
|
||||
_connection_certfail_cb(xmpp_tlscert_t *xmpptlscert, const char *const errormsg)
|
||||
{
|
||||
int version = xmpp_conn_tlscert_version(xmpptlscert);
|
||||
char *serialnumber = xmpp_conn_tlscert_serialnumber(xmpptlscert);
|
||||
char *subjectname = xmpp_conn_tlscert_subjectname(xmpptlscert);
|
||||
char *fp = xmpp_conn_tlscert_fp(xmpptlscert);
|
||||
char *issuername = xmpp_conn_tlscert_issuername(xmpptlscert);
|
||||
char *fingerprint = xmpp_conn_tlscert_fingerprint(xmpptlscert);
|
||||
char *notbefore = xmpp_conn_tlscert_notbefore(xmpptlscert);
|
||||
char *notafter = xmpp_conn_tlscert_notafter(xmpptlscert);
|
||||
char *key_alg = xmpp_conn_tlscert_key_algorithm(xmpptlscert);
|
||||
char *signature_alg = xmpp_conn_tlscert_signature_algorithm(xmpptlscert);
|
||||
|
||||
TLSCertificate *cert = tlscerts_new(fp, subjectname, notbefore, notafter);
|
||||
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
|
||||
notafter, key_alg, signature_alg);
|
||||
int res = sv_ev_certfail(errormsg, cert);
|
||||
tlscerts_free(cert);
|
||||
|
||||
@ -405,12 +411,18 @@ TLSCertificate*
|
||||
jabber_get_tls_peer_cert(void)
|
||||
{
|
||||
xmpp_tlscert_t *xmpptlscert = xmpp_conn_tls_peer_cert(jabber_conn.conn);
|
||||
int version = xmpp_conn_tlscert_version(xmpptlscert);
|
||||
char *serialnumber = xmpp_conn_tlscert_serialnumber(xmpptlscert);
|
||||
char *subjectname = xmpp_conn_tlscert_subjectname(xmpptlscert);
|
||||
char *fp = xmpp_conn_tlscert_fp(xmpptlscert);
|
||||
char *issuername = xmpp_conn_tlscert_issuername(xmpptlscert);
|
||||
char *fingerprint = xmpp_conn_tlscert_fingerprint(xmpptlscert);
|
||||
char *notbefore = xmpp_conn_tlscert_notbefore(xmpptlscert);
|
||||
char *notafter = xmpp_conn_tlscert_notafter(xmpptlscert);
|
||||
char *key_alg = xmpp_conn_tlscert_key_algorithm(xmpptlscert);
|
||||
char *signature_alg = xmpp_conn_tlscert_signature_algorithm(xmpptlscert);
|
||||
|
||||
TLSCertificate *cert = tlscerts_new(fp, subjectname, notbefore, notafter);
|
||||
TLSCertificate *cert = tlscerts_new(fingerprint, version, serialnumber, subjectname, issuername, notbefore,
|
||||
notafter, key_alg, signature_alg);
|
||||
|
||||
xmpp_conn_free_tlscert(jabber_conn.ctx, xmpptlscert);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user