diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2017-05-21 11:36:51 +0200 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2017-05-21 11:36:51 +0200 |
| commit | b635a2d52df53ab2cfc7dd248aaef7c90cc7ecc7 (patch) | |
| tree | 662c8b590d710fd594b11bd6f8feefe0d1cfa101 /louloulibs/network/credentials_manager.hpp | |
| parent | ef0b63d85cde3904d6d4175d56bf905fa6ece23f (diff) | |
| parent | de62b6456bebd130f98ce6192cd63ff42e654fac (diff) | |
| download | biboumi-b635a2d52df53ab2cfc7dd248aaef7c90cc7ecc7.tar.gz biboumi-b635a2d52df53ab2cfc7dd248aaef7c90cc7ecc7.tar.bz2 biboumi-b635a2d52df53ab2cfc7dd248aaef7c90cc7ecc7.tar.xz biboumi-b635a2d52df53ab2cfc7dd248aaef7c90cc7ecc7.zip | |
Merge tag 'upstream/4.3'
Upstream version 4.3
# gpg: Signature made Sun May 21 11:36:48 2017 CEST
# gpg: using RSA key 2C7C3146C1A00121
# gpg: Good signature from "Jonas Smedegaard <dr@jones.dk>"
# gpg: aka "Jonas Smedegaard <jonas@homebase.dk>"
# gpg: aka "Jonas Smedegaard <js@debian.org>"
# gpg: aka "[jpeg image of size 4165]"
Diffstat (limited to 'louloulibs/network/credentials_manager.hpp')
| -rw-r--r-- | louloulibs/network/credentials_manager.hpp | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/louloulibs/network/credentials_manager.hpp b/louloulibs/network/credentials_manager.hpp index 7557372..9f42782 100644 --- a/louloulibs/network/credentials_manager.hpp +++ b/louloulibs/network/credentials_manager.hpp @@ -6,9 +6,22 @@ #include <botan/botan.h> #include <botan/tls_client.h> +#include <botan/version.h> class TCPSocketHandler; +/** + * If the given cert isn’t valid, based on the given hostname + * and fingerprint, then throws the exception if it’s non-empty. + * + * Must be called after the standard (from Botan) way of + * checking the certificate, if we want to also accept certificates based + * on a trusted fingerprint. + */ +void check_tls_certificate(const std::vector<Botan::X509_Certificate>& certs, + const std::string& hostname, const std::string& trusted_fingerprint, + std::exception_ptr exc); + class BasicCredentialsManager: public Botan::Credentials_Manager { public: @@ -19,12 +32,15 @@ public: BasicCredentialsManager& operator=(const BasicCredentialsManager&) = delete; BasicCredentialsManager& operator=(BasicCredentialsManager&&) = delete; +#if BOTAN_VERSION_CODE < BOTAN_VERSION_CODE_FOR(1,11,34) void verify_certificate_chain(const std::string& type, const std::string& purported_hostname, const std::vector<Botan::X509_Certificate>&) override final; +#endif std::vector<Botan::Certificate_Store*> trusted_certificate_authorities(const std::string& type, const std::string& context) override final; void set_trusted_fingerprint(const std::string& fingerprint); + const std::string& get_trusted_fingerprint() const; private: const TCPSocketHandler* const socket_handler; |