Changeset 2711345 in Renga


Ignore:
Timestamp:
Mar 28, 2020, 2:03:17 PM (4 years ago)
Author:
Adrien Destugues <pulkomandy@…>
Branches:
main
Children:
400c21d
Parents:
d772d93
Message:

Trust gloox on SSL certificates validation

I checked the Gloox sources and it already validates the certificate
validity dates as well as the server name. There is nothing more we need
to validate. We may want better handling (explicit error on invalid SSL,
allowing to ignore certificate problems, allow the user to set up their
own certs, etc), but that can be tracked in separate issues.

Fixes #30

Files:
3 edited

Legend:

Unmodified
Added
Removed

  • doap.xml

    rd772d93 r2711345  
    5858        <!-- Do we handle 6122 or rather 7622? -->
    5959    <implements rdf:resource="https://xmpp.org/rfcs/rfc6122.html"/>
    60         <!-- TODO <implements rdf:resource="https://xmpp.org/rfcs/rfc7590.html"/> -->
     60        <implements rdf:resource="https://xmpp.org/rfcs/rfc7590.html"/>
    6161        <!-- TODO: https://github.com/HaikuArchives/Jabber4Haiku/issues/29 -->
    6262    <!--<implements rdf:resource="https://xmpp.org/rfcs/rfc5122.html"/>-->

  • network/GlooxHandler.cpp

    rd772d93 r2711345  
    220220
    221221
    222 bool GlooxHandler::onTLSConnect(const gloox::CertInfo& info __attribute__((unused)))
    223 {
     222bool GlooxHandler::onTLSConnect(const gloox::CertInfo& info)
     223{
     224        // TODO let the listener (if any?) decide what to do with invalid
     225        // certificates. Add the relevant info to the notice, and wait for a
     226        // reply before moving on. But what if the listener does not reply or if
     227        // there is no listener?
     228
     229        // TODO add the relevant fields to the notice so the listener can make a
     230        // decision
    224231        SendNotices(kTLSConnect);
    225         // TODO let the listener (if any?) decide what to do
    226         return true;
     232        return info.status == gloox::CertOk;
    227233}
    228234

  • ui/RegisterAccountWindow.cpp

    rd772d93 r2711345  
    346346                                {
    347347                                        // TODO handle only if there is no dataform
    348                                         puts("yay, fields");
    349348                                        break;
    350349                                }
     
    367366                                case kOOB:
    368367                                {
     368                                        // TODO handle out of band data
    369369                                        message->PrintToStream();
    370370                                        //handleOOB(...);
Note: See TracChangeset for help on using the changeset viewer.