author | Frank Zschockelt <lm@freakysoft.de> |
Sat, 11 May 2019 22:25:49 +0200 | |
changeset 738 | 264fece7ff0d |
parent 704 | d682ae8d7d3a |
permissions | -rw-r--r-- |
/* -*- Mode: C; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
/* |
* Copyright (C) 2003-2006 Imendio AB |
* |
* This program is free software; you can redistribute it and/or |
* modify it under the terms of the GNU Lesser General Public License as |
* published by the Free Software Foundation; either version 2 of the |
* License, or (at your option) any later version. |
* |
* This program is distributed in the hope that it will be useful, |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
* Lesser General Public License for more details. |
* |
* You should have received a copy of the GNU Lesser General Public |
* License along with this program; if not, see <https://www.gnu.org/licenses> |
*/ |
|
#include "lm-debug.h" |
#include "lm-ssl-base.h" |
#include "lm-ssl-internals.h" |
|
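/*
 * Initialise the fields of an LmSSLBase that this file manages.
 *
 * base                 - structure to fill in; existing field values are
 *                        overwritten without being freed.
 * expected_fingerprint - certificate fingerprint to pin, or NULL for no pin.
 *                        It must start with LM_FINGERPRINT_PREFIX; at most
 *                        LM_FINGERPRINT_LENGTH characters are copied.
 * ssl_function         - callback stored in base->func, or NULL to install
 *                        _lm_ssl_func_always_continue.
 * user_data            - stored in base->func_data.
 * notify               - stored in base->data_notify.
 *
 * Security note: with ssl_function == NULL the installed default is, per the
 * comment kept below, one that always tells the connection to continue.
 * Callers that need a failed certificate or fingerprint check to stop the
 * connection therefore have to pass their own callback.
 */
void
_lm_ssl_base_init (LmSSLBase      *base,
                   const gchar    *expected_fingerprint,
                   LmSSLFunction   ssl_function,
                   gpointer        user_data,
                   GDestroyNotify  notify)
{
    base->ref_count      = 1;
    base->func           = ssl_function;
    base->func_data      = user_data;
    base->data_notify    = notify;
    base->fingerprint[0] = '\0';
    base->cipher_list    = NULL;
    /* ca_path is tested by _lm_ssl_base_set_ca_path() and freed by
     * _lm_ssl_base_free_fields(), so give it a defined value here just like
     * cipher_list instead of relying on the caller having zeroed the struct.
     */
    base->ca_path        = NULL;

    if (expected_fingerprint) {
        if (!g_str_has_prefix(expected_fingerprint, LM_FINGERPRINT_PREFIX)) {
            /* The caller asked for a pin in a format we do not support.
             * Store a placeholder rather than dropping the pin: the check in
             * _lm_ssl_base_check_fingerprint() then keeps reporting a
             * mismatch instead of silently treating the peer as unpinned.
             */
            expected_fingerprint = "wrong_hash_format";
            g_log (LM_LOG_DOMAIN, LM_LOG_LEVEL_SSL, "Wrong hash format, use "
                   LM_FINGERPRINT_PREFIX"$hash");
        }
        base->expected_fingerprint = g_strndup(expected_fingerprint,
                                               LM_FINGERPRINT_LENGTH);
    } else {
        base->expected_fingerprint = NULL;
    }

    if (!base->func) {
        /* If user didn't provide an SSL func the default will be used
         * this function will always tell the connection to continue.
         */
        base->func = _lm_ssl_func_always_continue;
    }
}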
|
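/*
 * Replace the stored cipher list with a private copy of cipher_list.
 *
 * base        - structure whose cipher_list field is updated.
 * cipher_list - new value; NULL clears the field (g_strdup (NULL) is NULL).
 *
 * The string is stored as given. Nothing here checks that it names valid or
 * acceptably strong ciphers; that is left to whatever consumes
 * base->cipher_list, which is not part of this file.
 */
void
_lm_ssl_base_set_cipher_list (LmSSLBase   *base,
                              const gchar *cipher_list)
{
    /* Copy first, free second: if the caller hands back base->cipher_list
     * itself, freeing before copying would read released memory.
     */
    gchar *copy = g_strdup (cipher_list);

    g_free (base->cipher_list); /* g_free (NULL) is a no-op */
    base->cipher_list = copy;
}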
|
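/*
 * Replace the stored CA path with a private copy of ca_path.
 *
 * base    - structure whose ca_path field is updated.
 * ca_path - new value; NULL clears the field (g_strdup (NULL) is NULL).
 *
 * The path is stored as given; it is not checked for existence, type or
 * permissions here. How an unusable path affects certificate verification
 * depends on the code that reads base->ca_path, which is not visible in
 * this file.
 */
void
_lm_ssl_base_set_ca_path (LmSSLBase   *base,
                          const gchar *ca_path)
{
    /* Copy first, free second: if the caller hands back base->ca_path
     * itself, freeing before copying would read released memory.
     */
    gchar *copy = g_strdup (ca_path);

    g_free (base->ca_path); /* g_free (NULL) is a no-op */
    base->ca_path = copy;
}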
|
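/*
 * Format a raw certificate digest as LM_FINGERPRINT_PREFIX followed by
 * lower-case hex and store it in base->fingerprint.
 *
 * base       - structure whose fingerprint buffer is written. The buffer is
 *              written with a size of LM_FINGERPRINT_LENGTH; it is declared
 *              outside this file, so confirm it is at least that large.
 * digest     - digest bytes, must not be NULL.
 * digest_len - number of bytes in digest, must be > 0 and small enough that
 *              prefix + 2 * digest_len + NUL fits in LM_FINGERPRINT_LENGTH.
 *
 * The g_assert() calls document the contract and abort on violation in
 * builds that keep assertions. GLib drops them when G_DISABLE_ASSERT is
 * defined, so the same conditions are re-checked with a plain `if` before
 * the stack buffer is written. On violation the stored fingerprint is
 * cleared, which makes a pinned fingerprint compare as a mismatch in
 * _lm_ssl_base_check_fingerprint() instead of matching a stale value.
 */
void
_lm_ssl_base_set_fingerprint (LmSSLBase    *base,
                              const guchar *digest,
                              unsigned int  digest_len)
{
    gchar  hex[LM_FINGERPRINT_LENGTH];
    gchar *p;
    guint  i;
    /* sizeof on the literal counts its terminating NUL as well. */
    gsize  prefix_size = sizeof(LM_FINGERPRINT_PREFIX);
    gsize  max_digest_len = 0;

    /* Largest digest whose hex form still fits after the prefix. Dividing
     * the free space by two, rather than multiplying digest_len by two,
     * keeps the bound from wrapping for very large digest_len values.
     */
    if ((gsize) LM_FINGERPRINT_LENGTH >= prefix_size) {
        max_digest_len = ((gsize) LM_FINGERPRINT_LENGTH - prefix_size) / 2;
    }

    g_assert(LM_FINGERPRINT_PREFIX != NULL);
    g_assert(digest != NULL);
    g_assert(digest_len > 0);
    g_assert(digest_len <= max_digest_len);

    /* Same conditions again for builds compiled with G_DISABLE_ASSERT. */
    if (digest == NULL || digest_len == 0 || digest_len > max_digest_len) {
        base->fingerprint[0] = '\0';
        return;
    }

    /* Two hex characters per byte; each call also writes a NUL that the
     * next iteration overwrites, so hex ends up NUL-terminated.
     */
    for (p = hex, i = 0; i < digest_len; i++, p += 2) {
        g_snprintf(p, 3, "%02x", digest[i]);
    }
    g_snprintf(base->fingerprint, LM_FINGERPRINT_LENGTH,
               "%s%s",
               LM_FINGERPRINT_PREFIX,
               hex);
}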
|
/*
 * Compare the pinned fingerprint with the one computed for the peer.
 *
 * Returns 0 when base->expected_fingerprint is NULL (no pin configured) or
 * when it equals base->fingerprint ignoring ASCII case; otherwise returns
 * the non-zero result of g_ascii_strcasecmp().
 *
 * Note for callers: a return of 0 does not distinguish "pin matched" from
 * "no pin was set". Code that needs to know whether a pin was actually
 * enforced has to look at base->expected_fingerprint itself.
 */
int
_lm_ssl_base_check_fingerprint (LmSSLBase *base)
{
    const gchar *pinned = base->expected_fingerprint;

    if (pinned != NULL) {
        return g_ascii_strcasecmp(pinned, base->fingerprint);
    }

    /* Nothing pinned: report success without looking at the fingerprint. */
    return 0;
}
|
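/*
 * Release the heap-allocated strings owned by base.
 *
 * Frees expected_fingerprint, cipher_list and ca_path and resets each field
 * to NULL, so a second call, or a later setter that frees the old value,
 * does not act on a dangling pointer.
 *
 * This function does not free base itself and does not invoke
 * base->data_notify on base->func_data; presumably the caller handles both,
 * confirm against the call sites.
 */
void
_lm_ssl_base_free_fields (LmSSLBase *base)
{
    g_free (base->expected_fingerprint);
    base->expected_fingerprint = NULL;

    g_free (base->cipher_list);
    base->cipher_list = NULL;

    g_free (base->ca_path);
    base->ca_path = NULL;
}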