Diffstat (limited to 'src/gmcerts.c')
-rw-r--r--src/gmcerts.c40
1 files changed, 30 insertions, 10 deletions
diff --git a/src/gmcerts.c b/src/gmcerts.c
index a39b303a..0dc52041 100644
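--- a/src/gmcerts.c
+++ b/src/gmcerts.c
@@ -179,7 +179,7 @@ iDefineTypeConstruction(GmIdentity)
 /*-----------------------------------------------------------------------------------------------*/
 
 struct Impl_GmCerts {
- iMutex mtx;
+ iMutex *mtx;
  iString saveDir;
  iStringHash *trusted;
  iPtrArray idents;
@@ -337,7 +337,7 @@ static void load_GmCerts_(iGmCerts *d) {
 }
 
 void init_GmCerts(iGmCerts *d, const char *saveDir) {
- init_Mutex(&d->mtx);
+ d->mtx = new_Mutex();
  initCStr_String(&d->saveDir, saveDir);
  d->trusted = new_StringHash();
  init_PtrArray(&d->idents);
@@ -345,7 +345,7 @@ void init_GmCerts(iGmCerts *d, const char *saveDir) {
 }
 
 void deinit_GmCerts(iGmCerts *d) {
- iGuardMutex(&d->mtx, {
+ iGuardMutex(d->mtx, {
  saveIdentities_GmCerts_(d);
  iForEach(PtrArray, i, &d->idents) {
  delete_GmIdentity(i.ptr);
@@ -354,7 +354,7 @@ void deinit_GmCerts(iGmCerts *d) {
  iRelease(d->trusted);
  deinit_String(&d->saveDir);
  });
- deinit_Mutex(&d->mtx);
+ delete_Mutex(d->mtx);
 }
 
 iBool checkTrust_GmCerts(iGmCerts *d, iRangecc domain, const iTlsCertificate *cert) {
@@ -372,7 +372,7 @@ iBool checkTrust_GmCerts(iGmCerts *d, iRangecc domain, const iTlsCertificate *ce
  iDate until;
  validUntil_TlsCertificate(cert, &until);
  iBlock *fingerprint = fingerprint_TlsCertificate(cert);
- lock_Mutex(&d->mtx);
+ lock_Mutex(d->mtx);
  iTrustEntry *trust = value_StringHash(d->trusted, key);
  if (trust) {
  /* We already have it, check if it matches the one we trust for this domain (if it's
@@ -382,7 +382,7 @@ iBool checkTrust_GmCerts(iGmCerts *d, iRangecc domain, const iTlsCertificate *ce
  if (secondsSince_Time(&trust->validUntil, &now) > 0) {
  /* Trusted cert is still valid. */
  const iBool isTrusted = cmp_Block(fingerprint, &trust->fingerprint) == 0;
- unlock_Mutex(&d->mtx);
+ unlock_Mutex(d->mtx);
  delete_Block(fingerprint);
  delete_String(key);
  return isTrusted;
@@ -395,7 +395,7 @@ iBool checkTrust_GmCerts(iGmCerts *d, iRangecc domain, const iTlsCertificate *ce
  insert_StringHash(d->trusted, key, iClob(new_TrustEntry(fingerprint, &until)));
  }
  save_GmCerts_(d);
- unlock_Mutex(&d->mtx);
+ unlock_Mutex(d->mtx);
  delete_Block(fingerprint);
  delete_String(key);
  return iTrue;
@@ -410,16 +410,21 @@ const iGmIdentity *constIdentity_GmCerts(const iGmCerts *d, unsigned int id) {
 }
 
 const iGmIdentity *identityForUrl_GmCerts(const iGmCerts *d, const iString *url) {
+ lock_Mutex(d->mtx);
+ const iGmIdentity *found = NULL;
  iConstForEach(PtrArray, i, &d->idents) {
  const iGmIdentity *ident = i.ptr;
  iConstForEach(StringSet, j, ident->useUrls) {
  const iString *used = j.value;
  if (startsWithCase_String(url, cstr_String(used))) {
- return ident;
+ found = ident;
+ goto done;
  }
  }
  }
- return NULL;
+done:
+ unlock_Mutex(d->mtx);
+ return found;
 }
 
 iGmIdentity *newIdentity_GmCerts(iGmCerts *d, int flags, iDate validUntil, const iString *commonName,
@@ -454,7 +459,7 @@ iGmIdentity *newIdentity_GmCerts(iGmCerts *d, int flags, iDate validUntil, const
  return NULL;
  }
  }
- pushBack_PtrArray(&d->idents, id);
+ iGuardMutex(d->mtx, pushBack_PtrArray(&d->idents, id));
  return id;
 }
 
@@ -467,6 +472,7 @@ static const char *certPath_GmCerts_(const iGmCerts *d, const iGmIdentity *ident
 }
 
 void deleteIdentity_GmCerts(iGmCerts *d, iGmIdentity *identity) {
+ lock_Mutex(d->mtx);
  /* Only delete the files if we created them. */
  const char *filename = certPath_GmCerts_(d, identity);
  if (filename) {
@@ -475,6 +481,7 @@ void deleteIdentity_GmCerts(iGmCerts *d, iGmIdentity *identity) {
  }
  removeOne_PtrArray(&d->idents, identity);
  collect_GmIdentity(identity);
+ unlock_Mutex(d->mtx);
 }
 
 const iString *certificatePath_GmCerts(const iGmCerts *d, const iGmIdentity *identity) {
@@ -499,3 +506,16 @@ void signOut_GmCerts(iGmCerts *d, const iString *url) {
  setUse_GmIdentity(i.ptr, url, iFalse);
  }
 }
+
+const iPtrArray *listIdentities_GmCerts(const iGmCerts *d, iGmCertsIdentityFilterFunc filter,
+ void *context) {
+ iPtrArray *list = collectNew_PtrArray();
+ lock_Mutex(d->mtx);
+ iConstForEach(PtrArray, i, &d->idents) {
+ if (!filter || filter(context, i.ptr)) {
+ pushBack_PtrArray(list, i.ptr);
+ }
+ }
+ unlock_Mutex(d->mtx);
+ return list;
+}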
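Review bot: `identityForUrl_GmCerts` and the new `listIdentities_GmCerts` release `d->mtx` before handing raw `iGmIdentity` pointers back, so the lock covers the walk over `d->idents` but not the lifetime of the objects returned. `deleteIdentity_GmCerts` removes an identity from the array and passes it to `collect_GmIdentity` under the same lock, so a caller on another thread may be left holding a pointer to an identity that is later freed; when the collected object is actually released is not visible here. Both functions should carry a comment stating the contract, e.g. `/* Returned pointers stay valid only while no other thread can delete identities. */`, or callers should copy what they need while the lock is held. The `filter` callback in `listIdentities_GmCerts` also runs with the mutex held, so it must not call back into functions that take `d->mtx` unless the mutex is recursive.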