Commit Graph

19 Commits

Author SHA1 Message Date
Aleix Conchillo Flaqué
da053e345b tlscertificate: add support for certificate chains
This patch changes the behavior of the following functions:

   g_tls_certificate_new_from_pem
   g_tls_certificate_new_from_file
   g_tls_certificate_new_from_files

If more than one certificate is found it will try to load the chain.

It is assumed that the chain will be in the right order (top-level
certificate will be the last one in the file). If the chain cannot be
verified, the first certificate in the file will be returned as before.

https://bugzilla.gnome.org/show_bug.cgi?id=729739
2014-10-06 10:19:48 -07:00
Dan Winship
65f2669173 gtlscertificate: fix certificate list parsing with trailing comments
g_tls_certificate_list_new_from_file() was supposed to ignore non-PEM
content, but it accidentally required that there not be anything after
the last certificate. Fix that.

https://bugzilla.gnome.org/show_bug.cgi?id=727692
2014-04-09 10:39:45 -04:00
William Jon McCann
20f4d1820b docs: use "Returns:" consistently
Instead of "Return value:".
2014-02-19 19:41:52 -05:00
Matthias Clasen
3232425785 Docs: replace <literal> by ` 2014-02-06 08:07:16 -05:00
Matthias Clasen
42cf80780b Docs: Big entity cleanup
Strip lots of entity use from |[ ]| examples (which are now
implicit CDATA). Also remove many redundant uses of <!-- -->.
2014-02-01 12:00:30 -05:00
Daniel Mustieles
078dbda148 Updated FSF's address 2014-01-31 14:31:55 +01:00
Matthias Clasen
3872049445 Add includes to all gio docs 2014-01-07 22:55:43 -05:00
Stef Walter
7518f7a674 Revert "gtlscertificate: Add certificate-bytes and private-key-bytes props"
* In order to add contstruct properties to an abstract base
   calls, and retain ABI stability, the base class must add a
   default implementation of those properties.
 * We cannot add a default implementation of certificate-bytes
   or private-key-bytes since certificate and private-key properties
   are writable on construct-only.

This reverts commit 541c985869.

https://bugzilla.gnome.org/show_bug.cgi?id=682081
2012-08-21 13:30:02 +02:00
Stef Walter
541c985869 gtlscertificate: Add certificate-bytes and private-key-bytes props
* These properties contain the same data as certificate and
   private-key, but as GBytes

https://bugzilla.gnome.org/show_bug.cgi?id=681319
2012-08-06 22:23:20 +02:00
Stef Walter
49b35f0930 gtlscertificate: Don't confuse certificate and public key in docs
* A certificate sorta acts as a public key, but more specifically
   it contains a public key (in its subjectPublicKeyInfo) field.
 * Documentation was confusing and could have read like the
   certificate and certificate-pem properties were returning the
   public key part of the certificate.

https://bugzilla.gnome.org/show_bug.cgi?id=681158
2012-08-06 10:44:52 +02:00
Stef Walter
6ddf40f301 gtlscertificate: Add g_tls_certificate_is_same() function
* Certificate equality in PKIX in general is equality between
   the DER encoding of the certificates.

https://bugzilla.gnome.org/show_bug.cgi?id=681116
2012-08-03 18:58:30 +02:00
Dan Winship
1dc8d1f932 GTlsCertificate: support unencrypted PKCS#8 private keys
PKCS#8 is the "right" way to encode private keys. Although the APIs do
not currently support encrypted keys, we should at least support
unencrypted PKCS#8 keys.

https://bugzilla.gnome.org/show_bug.cgi?id=664321
2011-11-18 20:26:58 -05:00
Ryan Lortie
09429e2c82 gio static fixups 2011-10-16 21:41:15 -04:00
Nicolas Dufresne
fdfb42b9f2 Rework PEM parsing to not be order dependent
Some valid PEM file would not work because the private key was put
before the certificate.
2011-07-27 16:23:33 -04:00
Dan Winship
784619bc3a Fix two leaks seen when using TLS connections
g_tls_certificate_list_new_from_file() was leaking the file contents,
and GSource was leaking the GSourcePrivate structure that got
created when using child sources.
2011-04-07 08:32:06 -04:00
Johan Dahlin
fdaaa22b58 Correct gtk-doc SECTION: syntax
g-ir-scanner does not allow a space between the : and the
section name.
2011-02-01 16:18:02 -02:00
Dan Winship
73d6bd8a45 Add g_tls_certificate_verify()
Add a method to verify a certificate against a CA; this can be used
for apps that need to test against non-default CAs.

Also make the GTlsCertificate::issuer property virtual
2010-12-07 10:41:05 +01:00
Matthias Clasen
eed36d38d1 Various doc tweaks 2010-11-28 23:55:43 -05:00
Dan Winship
59d62726de Add initial TLS (SSL) support to gio
This adds an extension point for TLS connections to gio, with a
gnutls-based implementation in glib-networking.

Full TLS support is still a work in progress; the current API is
missing some features, and parts of it may still be changed before
2.28.

https://bugzilla.gnome.org/show_bug.cgi?id=588189
2010-11-26 15:57:11 -05:00