diff options
| author | Release Engineers <releng@openoffice.org> | 2009-08-26 08:22:01 +0000 |
|---|---|---|
| committer | Release Engineers <releng@openoffice.org> | 2009-08-26 08:22:01 +0000 |
| commit | b0dcf266f19d27d6f4dc7da428cbfe39ddddd8c4 (patch) | |
| tree | 010333ba3e4d2880a0660fbf0400e064af4841b8 /ucb/source/ucp/webdav/NeonSession.cxx | |
| parent | 5a27e207374b79778c7149a0a7bf0adba18d7590 (diff) | |
CWS-TOOLING: integrate CWS jl127
2009-07-30 10:12:10 +0200 jl r274470 : #i100873# switch on checking for symbol definitions. It works with the current xpcom lib.
2009-07-29 09:48:29 +0200 jl r274443 : #i100873#
2009-07-29 09:47:36 +0200 jl r274442 : #i100873# changes after resync with DEV300m53 which contains the seamonkey update
2009-07-28 10:00:03 +0200 jl r274389 : #100873# Patches from tono
2009-07-27 16:59:39 +0200 jl r274372 : CWS-TOOLING: rebase CWS jl127 to trunk@274203 (milestone: DEV300:m53)
2009-07-07 09:08:53 +0200 jl r273768 : #100873#
2009-07-06 17:16:10 +0200 jl r273754 : #100873#
2009-07-01 13:58:09 +0200 jl r273576 : #100873# added to readme
2009-07-01 13:15:02 +0200 jl r273573 : #100873# deliver lib files when building with MS compiler
2009-06-30 11:22:06 +0200 jl r273498 : #i100873# accidentally commented out patch_files
2009-06-30 09:01:10 +0200 jl r273489 : #100873# make rc.exe work in ooo windows build
2009-06-29 09:47:56 +0200 jl r273451 : #i100873# applied mingw patch from tono
2009-06-24 12:52:14 +0200 jl r273332 : #100873# reapplying the configure.in patch on version 273150
2009-06-24 12:51:12 +0200 jl r273331 : #100873# reapplying the patch on version 273150
2009-06-23 17:17:36 +0200 jl r273299 : #100873# manually modified patch from tono
2009-06-22 17:05:41 +0200 jl r273243 : #100873# applying mingw patch from tono
2009-06-22 17:02:30 +0200 jl r273242 : #100873# applying mingw patch from tono
2009-06-22 12:49:57 +0200 jl r273216 : #100873# dependency to stlport
2009-06-19 11:56:16 +0200 jl r273155 : #100873# undoing a previous change, instset_native complained about missing libjpipe.jnilib (jurt)
2009-06-19 10:13:03 +0200 jl r273150 : #100873# ooo builds shall also use the new nss by default
2009-06-18 14:32:07 +0200 jl r273117 : #110873# more debug output when verifying a certificate
2009-06-16 11:23:50 +0200 jl r273012 : #i10873#
2009-06-16 10:57:41 +0200 jl r273011 : #100873# wrong parameter definition in nsscrypto_initialize
2009-06-16 10:56:45 +0200 jl r273010 : #100873# wrong parameter definition in nsscrypto_initialize
2009-06-15 16:20:42 +0200 jl r272996 : #100873# initialization of NSS is now threadsafe
2009-06-10 12:50:46 +0200 jl r272804 : #100873# rename in foreach fails in 4nt
2009-06-09 13:43:00 +0200 jl r272768 : #i100873# deliver only .h from inc/nss otherwise we get a warning when nss/nssck.api is delivered
2009-06-08 16:15:44 +0200 jl r272739 : #i100873#
2009-06-08 16:04:54 +0200 jl r272738 : #i100873#
2009-06-08 15:45:52 +0200 jl r272736 : #i100873#
2009-06-08 15:44:15 +0200 jl r272735 : #i100873# unzipping of nss.tar.z not working with 4nt
2009-06-08 09:45:46 +0200 jl r272720 : #i100873#
2009-06-03 13:53:52 +0200 jl r272562 : #i100873# MOZILLABUILD not correct
2009-06-03 13:17:54 +0200 jl r272557 : #i100873# readme and makefile changes from cws jl125, support of new nss module
2009-06-03 09:57:40 +0200 jl r272544 : #i100873# added readme
2009-06-02 16:47:47 +0200 jl r272512 : #i100873# removed no longer needed stuff regarding jnilibs
2009-06-02 15:54:42 +0200 jl r272510 : #i100873# added NSS to BUILD_TYPE
2009-06-02 15:20:18 +0200 jl r272508 : #i100873# DEREFERENCE option for copy command
2009-06-02 13:00:12 +0200 jl r272496 : #i100873# PATCH_FILE_NAMES is now PATCH_FILES
2009-06-02 12:23:39 +0200 jl r272494 : #i100873# build dependency to nss
2009-05-29 16:21:40 +0200 jl r272470 : #i100873# seting ENABLE_NSS_MODULE==YES and includeing mozilla-build-1.3 folder in environment
2009-05-29 16:03:23 +0200 jl r272468 : #i100873# use intermediate certificates when validating a certificate
2009-05-29 15:57:16 +0200 jl r272466 : #i100873# use intermediate certificates when validating a certificate
2009-05-29 15:49:58 +0200 jl r272464 : #i100873# using ENABLE_NSS_MODULE
2009-05-29 15:33:14 +0200 jl r272463 : #i100873# using ENABLE_NSS_MODULE
2009-05-29 15:28:39 +0200 jl r272461 : #i100873# build dependency to nss module
2009-05-29 15:24:57 +0200 jl r272460 : #i100873# pass additional certificates into verifyCertificate function
2009-05-29 14:49:40 +0200 jl r272458 : #i100873# new NSS module
2009-05-29 14:43:44 +0200 jl r272457 : #i100873# new NSS module
Diffstat (limited to 'ucb/source/ucp/webdav/NeonSession.cxx')
| -rw-r--r-- | ucb/source/ucp/webdav/NeonSession.cxx | 48 |
1 files changed, 39 insertions, 9 deletions
diff --git a/ucb/source/ucp/webdav/NeonSession.cxx b/ucb/source/ucp/webdav/NeonSession.cxx index 4ceeef476d66..f1028f0dc535 100644 --- a/ucb/source/ucp/webdav/NeonSession.cxx +++ b/ucb/source/ucp/webdav/NeonSession.cxx @@ -32,6 +32,7 @@ #include "precompiled_ucb.hxx" #include <hash_map> +#include <vector> #include <string.h> #include <rtl/string.h> #include <ne_socket.h> @@ -41,6 +42,8 @@ #include <ne_ssl.h> #include "libxml/parser.h" #include <rtl/ustrbuf.hxx> +#include "comphelper/sequence.hxx" + #include "DAVAuthListener.hxx" #include "NeonTypes.hxx" #include "NeonSession.hxx" @@ -395,6 +398,7 @@ extern "C" int NeonSession_CertificationNotify( void *userdata, int failures, const ne_ssl_certificate *cert ) { + OSL_ASSERT(cert); NeonSession * pSession = static_cast< NeonSession * >( userdata ); uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecurityEnv; uno::Reference< ::com::sun::star::security::XCertificateContainer > xCertificateContainer; @@ -442,18 +446,44 @@ extern "C" int NeonSession_CertificationNotify( void *userdata, xSecurityEnv = mxSecurityContext->getSecurityEnvironment(); - char * rawCert; - - rawCert = ne_ssl_cert_export( cert ); + //The end entity certificate + char * eeCertB64 = ne_ssl_cert_export( cert ); - ::rtl::OString sRawCert( rawCert ); + ::rtl::OString sEECertB64( eeCertB64 ); - uno::Reference< com::sun::star::security::XCertificate> xCert = xSecurityEnv->createCertificateFromAscii( ::rtl::OStringToOUString( sRawCert, RTL_TEXTENCODING_ASCII_US ) ); + uno::Reference< com::sun::star::security::XCertificate> xEECert = + xSecurityEnv->createCertificateFromAscii( + ::rtl::OStringToOUString( sEECertB64, RTL_TEXTENCODING_ASCII_US ) ); - sal_Int64 certValidity = xSecurityEnv->verifyCertificate( xCert ); + free(eeCertB64); + eeCertB64 = NULL; - - if ( pSession->isDomainMatch( GetHostnamePart( xCert.get()->getSubjectName())) ) + std::vector<uno::Reference<com::sun::star::security::XCertificate> > vecCerts; + const ne_ssl_certificate * issuerCert = cert; + do + { + //get the intermediate certificate + //the returned value is const ! Therfore it does not need to be freed + //with ne_ssl_cert_free, which takes a non-const argument + issuerCert = ne_ssl_cert_signedby(issuerCert); + if (NULL == issuerCert) + break; + + char * imCertB64 = ne_ssl_cert_export(issuerCert); + ::rtl::OString sInterMediateCertB64(imCertB64); + free(imCertB64); + uno::Reference< com::sun::star::security::XCertificate> xImCert = + xSecurityEnv->createCertificateFromAscii( + ::rtl::OStringToOUString( sInterMediateCertB64, RTL_TEXTENCODING_ASCII_US ) ); + if (xImCert.is()) + vecCerts.push_back(xImCert); + }while (1); + + sal_Int64 certValidity = xSecurityEnv->verifyCertificate( xEECert, + ::comphelper::containerToSequence(vecCerts) ); + + + if ( pSession->isDomainMatch( GetHostnamePart( xEECert.get()->getSubjectName())) ) { //if host name matched with certificate then look if the certificate was ok if( certValidity == ::security::CertificateValidity::VALID ) @@ -472,7 +502,7 @@ extern "C" int NeonSession_CertificationNotify( void *userdata, if ( xIH.is() ) { rtl::Reference< ucbhelper::SimpleCertificateValidationRequest > xRequest - = new ucbhelper::SimpleCertificateValidationRequest((sal_Int32)failures, xCert, pSession->getHostName() ); + = new ucbhelper::SimpleCertificateValidationRequest((sal_Int32)failures, xEECert, pSession->getHostName() ); xIH->handle( xRequest.get() ); rtl::Reference< ucbhelper::InteractionContinuation > xSelection |