TLSClient: add hostname verifcation

The CN or subjectAltNames of the TLS certificate are now matched against
the hostname being connected to.

taskd.trust is now a tristate value (allow all, ignore hostname,
strict) to optionally disable the new hostname verification.
Alexander Sulfrian 2014-03-18 19:21:49 +01:00 committed by Paul Beckingham
parent fdcc04d13e
commit 7fb1487993
5 changed files with 73 additions and 17 deletions


@ -34,11 +34,13 @@
class TLSClient
{
public:
enum trust_level { strict, ignore_hostname, allow_all };
TLSClient ();
~TLSClient ();
void limit (int);
void debug (int);
void trust (bool);
void trust (const enum trust_level);
void ciphers (const std::string&);
void init (const std::string&, const std::string&, const std::string&);
void connect (const std::string&, const std::string&);
@ -53,12 +55,14 @@ private:
std::string _cert;
std::string _key;
std::string _ciphers;
std::string _host;
std::string _port;
gnutls_certificate_credentials_t _credentials;
gnutls_session_t _session;
int _socket;
int _limit;
bool _debug;
bool _trust;
enum trust_level _trust;
};
#endif
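Review bot: The new `trust_level` enum in the first hunk has no comment saying what each level still verifies, which matters for a setting that can switch certificate checks off; something like `// strict: chain + hostname; ignore_hostname: chain only; allow_all: no verification` would help, with the wording confirmed against the implementation file, which is not shown here. The page has lost its +/- markers, so it is unclear whether `void trust (bool);` and `bool _trust;` are removed or kept. If the bool overload stays, a caller passing `true` would bind to it rather than to a named level, so dropping it is the safer choice. The constructor is outside this section; `_trust` should be initialised to `strict` there so that an unset taskd.trust fails closed.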