| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
GInetAddress is a GObject, so we must unref anything we create with
g_inet_address_new_*
|
|
|
|
| |
It will return NULL if the string we pass it cannot be parsed.
|
|
|
|
|
|
|
|
| |
Change inet_aton function to glib functions.
inet_aton only supported IPv4 addresses, and wasn't available on windows
machines. GInetAddress functions support IPv6 natively, and requires less
boilerplate code then IPv6 gettaddrinfo().
|
|
|
|
|
| |
Only check for address length, when connecting through IP address.
It is not used, when connecting through DNS hostname.
|
|
|
|
|
|
|
|
|
|
|
|
| |
If verify_subject() is called with a SpiceOpenSSLVerify struct containing a
non-NULL 'in_subject' member, it would try to use the local 'in_entries'
variable without having initialized it first. This could happen if
verify_subject() was called multiple time with the same SpiceOpenSSLVerify
context, which probably isn't occurring the way we are using it.
However, since verify_subject() is the only method which needs in_subject,
we don't need to have it stored in SpiceOpenSSLVerify, and we can
recreate it as needed locally in that method, which avoids that issue.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, SSL verification of the peer certificate checks if
the certificate's subject CN or one of its subjectAltName match
the hostname. If this succeeds, then the verification succeeds.
Otherwise openssl_verify() checks the cert subject if this was set,
which means it checks the certificate's subject (not just its CN) matches
exactly the cert subject string that is set in SpiceSession.
Given that the cert subject is something the user specifies in addition
to the hostname, the cert subject check should have priority over the
hostname check, that is, when we have a cert subject set, the
success/failure of the cert subject cert should determine the
success/failure of openssl_verify(), and the hostname check
should only be carried out when no cert subject was set.
This fixes rhbz#871034
|
|
|
|
|
|
|
| |
We currently log an error when openssl_verify() is called with
preverify_ok set to 0 for all certificates in the certificate chain
except for the peer certificate (when 'depth' is 0).
This commit logs an error in the latter case as well.
|
|
|
|
| |
It contains the same information as before, but should be more readable.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the server certificate is not being signed by the provided CA,
the SSL debug message is currently for example:
ssl_verify.c:428:openssl_verify: openssl verify:num=19:self signed
certificate in certificate chain:depth=1:/C=IL/L=Raanana/O=Red
Hat/CN=my CA
Add a more explicit debug message too, as requested in bug:
https://bugzilla.redhat.com/show_bug.cgi?id=846666
|
|
|
|
| |
warning: suggest explicit braces to avoid ambiguous 'else'
|
|
|
|
| |
This should make SSL connection failures easier to diagnose.
|
|
|
|
|
| |
Even if they are not public functions, those conditions can be reached
in a invalid state.
|
|
|
|
| |
Signed-off-by: Aric Stewart <aric@codeweavers.com>
|
|
|
|
|
|
|
| |
During switch-host migration, only PUBKEY verification is required.
Couldn't it just load the certificate again for the new session?
perhaps, but that's they way the code used to work until I introduced
a regression in spice commit d46f9d3f4e006d3bca9b99fac25169b17e7ac803.
|
|
|
|
| |
Use the log.h system, and report a bit more information in the debug level
|
|
|
|
|
|
|
|
|
| |
A number of functions were used without prior declaration. In
some cases this was due to missing include files. In other cases
the functions should have just been static.
Ideally this would allow -Wmissing-declarations to be enabled, but
the files generated by spice_codegen.py will still trip up on this.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add extra {} braces around if/else statements which only
call SPICE_DEBUG to avoid:
../common/ssl_verify.c: In function 'verify_pubkey':
../common/ssl_verify.c:87:50: warning: suggest braces around empty body in an 'else' statement [-Wempty-body]
../common/ssl_verify.c: In function 'verify_hostname':
../common/ssl_verify.c:254:53: warning: suggest braces around empty body in an 'if' statement [-Wempty-body]
../common/ssl_verify.c: In function 'verify_subject':
../common/ssl_verify.c:381:41: warning: suggest braces around empty body in an 'else' statement [-Wempty-body]
|
|
|
|
|
| |
ssl_verify.c is using memcmp which comes from string.h, this was
breaking compilation with -Werror -Wall on Mac OS X
|
| |
|
|
Code adapter from RedPeer::ssl_verify_callback() and used by
spice-gtk.
Since v1:
- fixed Makefile.am
- added config.h include
- autoconf alloca added in patch series
- moved int escape inside for loop
- added a failed case when missing assignment
- replaced strlen () by -1
- skip spaces after comma
- c++ guards
I didn't use bool, because openSSL uses int, and it is more future
proof for error reporting.
|