Implement certificate chain retrieval and passing. CAs are not loaded
[claws.git] / src / common / ssl_certificate.h
index 66a19bf34cfe67dae74254a5405ad30e6dc0ecc6..fd8822ad77df402ac31424ff752439e3717f0be4 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
- * Copyright (C) 1999-2009 Colin Leroy <colin@colino.net> 
+ * Copyright (C) 1999-2012 Colin Leroy <colin@colino.net> 
  * and the Claws Mail team
  *
  * This program is free software; you can redistribute it and/or modify
@@ -22,7 +22,7 @@
 #define __SSL_CERTIFICATE_H__
 
 #ifdef HAVE_CONFIG_H
-#  include "config.h"
+#include "claws-features.h"
 #endif
 
 #ifdef USE_GNUTLS
@@ -39,7 +39,7 @@ typedef struct _SSLCertificate SSLCertificate;
 
 struct _SSLCertificate
 {
-       gnutls_x509_crt x509_cert;
+       gnutls_x509_crt_t x509_cert;
        gchar *host;
        gushort port;
        gchar *fingerprint;
@@ -56,21 +56,21 @@ struct _SSLCertHookData
        gboolean accept;
 };
 
-SSLCertificate *ssl_certificate_find (gchar *host, gushort port, const gchar *fingerprint);
-SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, const gchar *fingerprint, gboolean lookup);
-gboolean ssl_certificate_check (gnutls_x509_crt x509_cert, guint status, gchar *fqdn, gchar *host, gushort port);
+SSLCertificate *ssl_certificate_find (const gchar *host, gushort port, const gchar *fingerprint);
+gboolean ssl_certificate_check (gnutls_x509_crt_t x509_cert, guint status, const gchar *host, gushort port);
+gboolean ssl_certificate_check_chain(gnutls_x509_crt_t *certs, gint chain_len, const gchar *host, gushort port);
 void ssl_certificate_destroy(SSLCertificate *cert);
 void ssl_certificate_delete_from_disk(SSLCertificate *cert);
 char * readable_fingerprint(unsigned char *src, int len);
-char *ssl_certificate_check_signer (gnutls_x509_crt cert, guint status);
+char *ssl_certificate_check_signer (gnutls_x509_crt_t cert, guint status);
 
-#ifdef USE_GNUTLS
-gnutls_x509_crt ssl_certificate_get_x509_from_pem_file(const gchar *file);
-gnutls_x509_privkey ssl_certificate_get_pkey_from_pem_file(const gchar *file);
+gnutls_x509_crt_t ssl_certificate_get_x509_from_pem_file(const gchar *file);
+gnutls_x509_privkey_t ssl_certificate_get_pkey_from_pem_file(const gchar *file);
 void ssl_certificate_get_x509_and_pkey_from_p12_file(const gchar *file, 
-                       const gchar *password, gnutls_x509_crt *crt, gnutls_x509_privkey *key);
-size_t gnutls_i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output);
-size_t gnutls_i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output);
-#endif
+                       const gchar *password, gnutls_x509_crt_t *crt, gnutls_x509_privkey_t *key);
+size_t gnutls_i2d_X509(gnutls_x509_crt_t x509_cert, unsigned char **output);
+size_t gnutls_i2d_PrivateKey(gnutls_x509_privkey_t pkey, unsigned char **output);
+gboolean ssl_certificate_check_subject_cn(SSLCertificate *cert);
+gchar *ssl_certificate_get_subject_cn(SSLCertificate *cert);
 #endif /* USE_GNUTLS */
 #endif /* SSL_CERTIFICATE_H */
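Review bot: The new prototype `ssl_certificate_check_chain(gnutls_x509_crt_t *certs, gint chain_len, ...)` is declared with no contract, and since the commit title says CAs are not loaded, a caller cannot tell from the header what a TRUE result means. I would add above it `/* NOTE: CA certificates are not loaded yet, so TRUE does not mean the chain was verified against a trust anchor. */`, and also state whether `certs` is borrowed or owned and in what order the chain is expected. `chain_len` is a signed `gint`, whereas `gnutls_certificate_get_peers()` reports the list size as `unsigned int`. Either declare it `guint chain_len` or document that values below 1 are rejected; the implementation is outside this hunk, so the current handling is not visible. `ssl_certificate_check_subject_cn` is likewise undocumented: if it compares the host with the subject CN only (inferred from the name), certificates that carry the name in subjectAltName would be misjudged, so the comment should say which fields are matched.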