1
0
mirror of https://github.com/weechat/weechat.git synced 2026-07-05 17:23:15 +02:00

Reload file with certificate authorities when option weechat.network.gnutls_ca_file is changed

This commit is contained in:
Sebastien Helleu
2011-03-06 22:29:03 +01:00
parent e70bbe0659
commit b0a5492102
4 changed files with 42 additions and 6 deletions
+2
View File
@@ -7,6 +7,8 @@ v0.3.5-dev, 2011-03-06
Version 0.3.5 (under dev!)
--------------------------
* core: reload file with certificate authorities when option
weechat.network.gnutls_ca_file is changed
* core: rebuild bar content when items are changed in an hidden bar
* core: fix verification of SSL certificates by calling gnutls verify callback
(patch #7459)
+20 -1
View File
@@ -41,6 +41,7 @@
#include "wee-config.h"
#include "wee-hook.h"
#include "wee-log.h"
#include "wee-network.h"
#include "wee-util.h"
#include "wee-list.h"
#include "wee-proxy.h"
@@ -421,6 +422,23 @@ config_change_nick_colors (void *data, struct t_config_option *option)
gui_color_buffer_display ();
}
/*
* config_change_network_gnutls_ca_file: called when gnutls_ca_file is changed
*/
void
config_change_network_gnutls_ca_file (void *data,
struct t_config_option *option)
{
/* make C compiler happy */
(void) data;
(void) option;
if (network_init_ok)
network_set_gnutls_ca_file ();
}
/*
* config_day_change_timer_cb: timer callback for displaying
* "Day changed to xxx" message
@@ -2191,7 +2209,8 @@ config_weechat_init_options ()
"gnutls_ca_file", "string",
N_("file containing the certificate authorities (\"%h\" will be "
"replaced by WeeChat home, \"~/.weechat\" by default)"),
NULL, 0, 0, "%h/ssl/CAs.pem", NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL);
NULL, 0, 0, "%h/ssl/CAs.pem", NULL, 0, NULL, NULL,
&config_change_network_gnutls_ca_file, NULL, NULL, NULL);
config_network_gnutls_handshake_timeout = config_file_new_option (
weechat_config_file, ptr_section,
"gnutls_handshake_timeout", "integer",
+17 -5
View File
@@ -70,17 +70,14 @@ const int gnutls_cert_type_prio[] = { GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0 };
/*
* network_init: init network
* network_set_gnutls_ca_file: set trust file with option gnutls_ca_file
*/
void
network_init ()
network_set_gnutls_ca_file ()
{
#ifdef HAVE_GNUTLS
char *ca_path, *ca_path2;
gnutls_global_init ();
gnutls_certificate_allocate_credentials (&gnutls_xcred);
ca_path = string_expand_home (CONFIG_STRING(config_network_gnutls_ca_file));
if (ca_path)
@@ -94,6 +91,21 @@ network_init ()
}
free (ca_path);
}
#endif
}
/*
* network_init: init network
*/
void
network_init ()
{
#ifdef HAVE_GNUTLS
gnutls_global_init ();
gnutls_certificate_allocate_credentials (&gnutls_xcred);
network_set_gnutls_ca_file ();
#if LIBGNUTLS_VERSION_NUMBER >= 0x02090a
gnutls_certificate_set_verify_function (gnutls_xcred,
&hook_connect_gnutls_verify_certificates);
+3
View File
@@ -40,6 +40,9 @@ struct t_network_socks5
/* auth(user/pass) (2), ... */
};
extern int network_init_ok;
extern void network_set_gnutls_ca_file ();
extern void network_init ();
extern void network_end ();
extern int network_pass_proxy (const char *proxy, int sock,