From: Guillaume Desmottes Date: Wed, 18 Apr 2012 13:39:45 +0000 (+0200) Subject: Stop generating Certificate API X-Git-Url: https://git.0d.be/?p=empathy.git;a=commitdiff_plain;h=095cb1798bd4214653a85133de8fc577d23c268b Stop generating Certificate API https://bugzilla.gnome.org/show_bug.cgi?id=674318 --- diff --git a/extensions/Authentication_TLS_Certificate.xml b/extensions/Authentication_TLS_Certificate.xml deleted file mode 100644 index db1d76fd..00000000 --- a/extensions/Authentication_TLS_Certificate.xml +++ /dev/null @@ -1,305 +0,0 @@ - - - Copyright © 2010 Collabora Limited - - This library is free software; you can redistribute it and/or -modify it under the terms of the GNU Lesser General Public -License as published by the Free Software Foundation; either -version 2.1 of the License, or (at your option) any later version. - -This library is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -Lesser General Public License for more details. - -You should have received a copy of the GNU Lesser General Public -License along with this library; if not, write to the Free Software -Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - - - - (as stable API) - - - This object represents a TLS certificate. - - - - -

The raw data contained in a TLS certificate.

- -

For X.509 certificates (CertificateType - = "x509"), this MUST be in DER format, as defined by the - X.690 - ITU standard.

- -

For PGP certificates (CertificateType - = "pgp"), this MUST be a binary OpenPGP key as defined by section 11.1 - of RFC 4880.

- - - - - -

Struct representing one reason why a TLS certificate was rejected.

-

Since there can be multiple things wrong with a TLS certificate, - arrays of this type are used to represent lists of reasons for - rejection. In that case, the most important reason SHOULD be placed - first in the list.

- - - - -

The value of the TLS_Certificate_Reject_Reason enumeration for - this certificate rejection. - - Clients that do not understand the Error member, - which may be implementation-specific, can use this property to - classify rejection reasons into common categories. - -

- - - - - -

The DBus error name for this certificate rejection.

-

This MAY correspond to the value of the Reason member, - or MAY be a more specific D-Bus error name, perhaps implementation-specific.

- - - - - -

Additional information about why the certificate was rejected. - This MAY also include one or more of the following well-known keys:

-

-

-
user-requested (b)
-
True if the error was due to an user-requested rejection of - the certificate; False if there was an unrecoverable error in the - verification process.
-
expected-hostname (s)
-
If the rejection reason is Hostname_Mismatch, the hostname that - the server certificate was expected to have.
-
certificate-hostname (s)
-
If the rejection reason is Hostname_Mismatch, the hostname of - the certificate that was presented. - -

For instance, if you try to connect to gmail.com but are presented - with a TLS certificate issued to evil.example.org, the error details - for Hostname_Mismatch MAY include:

- 
-                {
-                  'expected-hostname': 'gmail.com',
-                  'certificate-hostname': 'evil.example.org',
-                }
-
- -
-
debug-message (s)
-
Debugging information on the error, corresponding to the - message part of a D-Bus error message, which SHOULD NOT be - displayed to users under normal circumstances
-
-

- - - - - - - The possible states for a TLSCertificate - object. - - - - - The certificate is currently waiting to be accepted or rejected. - - - - - - The certificate has been verified. - - - - - - The certificate has been rejected. - - - - - - - Possible reasons to reject a TLS certificate. - - - - - The certificate has been rejected for another reason - not listed in this enumeration. - - - - - - The certificate is not trusted. - - - - - - The certificate is expired. - - - - - - The certificate is not active yet. - - - - - - The certificate provided does not have the expected - fingerprint. - - - - - - The hostname certified does not match the provided one. - - - - - - The certificate is self-signed. - - - - - - The certificate has been revoked. - - - - - - The certificate uses an insecure cipher algorithm, or is - cryptographically weak. - - - - - - The length in bytes of the certificate, or the depth of the - certificate chain exceed the limits imposed by the crypto - library. - - - - - - - The current state of this certificate. - State change notifications happen by means of the - Accepted and - Rejected signals. - - - - - -

If the State is Rejected, - an array of TLS_Certificate_Rejection - structures containing the reason why the certificate is rejected.

-

If the State is not Rejected, - this property is not meaningful, and SHOULD be set to an empty - array.

-

The first rejection in the list MAY be assumed to be - the most important; if the array contains more than one - element, the CM MAY either use the values after the first, - or ignore them.

- - - - - - The type of this TLS certificate (e.g. 'x509' or 'pgp'). -

This property is immutable

- - - - - -

One or more TLS certificates forming a trust chain, each encoded as - specified by Certificate_Data.

-

The first certificate in the chain MUST be the server certificate, - followed by the issuer's certificate, followed by the issuer's issuer - and so on.

- - - - - - The State of this certificate has changed to Accepted. - - - - - - The State of this certificate has changed to Rejected. - - - - The new value of the Rejections property. - - - - - - - Accepts this certificate, i.e. marks it as verified. - - - - - - Rejects this certificate. - - - -

The new value of the Rejections property.

-

This MUST NOT be an empty array.

- - - - - - Raised when the method is called on an object whose State - is not Pending, or when the provided rejection list is empty. - - - - - - - - diff --git a/extensions/Makefile.am b/extensions/Makefile.am index e3784ff4..2d8b8648 100644 --- a/extensions/Makefile.am +++ b/extensions/Makefile.am @@ -14,7 +14,6 @@ EXTRA_DIST = \ misc.xml \ Logger.xml \ Connection_Interface_Renaming.xml \ - Authentication_TLS_Certificate.xml \ Channel_Interface_Credentials_Storage.xml \ Channel_Type_Server_TLS_Connection.xml \ Chat_Manager.xml \ diff --git a/extensions/misc.xml b/extensions/misc.xml index a5856992..9d07e612 100644 --- a/extensions/misc.xml +++ b/extensions/misc.xml @@ -7,7 +7,6 @@ -