1. 31 Aug, 2017 1 commit
  2. 26 Aug, 2017 1 commit
  3. 17 Aug, 2017 1 commit
  4. 16 Aug, 2017 1 commit
    • Michael Catanzaro's avatar
      Stop using -Werror · 3d251791
      Michael Catanzaro authored
      It will never build if -Werror is passed by default, and nobody has
      fixed five years worth of compiler warnings.
      3d251791
  5. 21 Mar, 2017 2 commits
    • Debarshi Ray's avatar
      Remove the GnuTLS dependency · e6e0590e
      Debarshi Ray authored
      GIO, backed by glib-networking, has everything that we need.
      
      https://bugzilla.gnome.org/show_bug.cgi?id=780160
      e6e0590e
    • Debarshi Ray's avatar
      tls-verifier: Use GIO to verify the chain of TLS certificates · d5b17f72
      Debarshi Ray authored
      Gcr has its own hand rolled code to complete the certificate chain and
      validate it, which predates the equivalent functionality in GIO. These
      days, GIO's GnuTLS backend is a better option because it defers to
      GnuTLS to do the right thing. It benefits automatically from any
      improvements made to GnuTLS itself.
      
      However, GIO doesn't support certificate pinning. Gcr continues to
      provide that feature.
      
      Note:
      
      (a) We don't set "certificate-hostname" when we encounter
      TP_TLS_CERTIFICATE_REJECT_REASON_HOSTNAME_MISMATCH. The resulting loss
      of verbosity in EmpathyTLSDialog is balanced by no longer relying on a
      specific encryption library.
      
      (b) glib-networking doesn't differentiate between
      GNUTLS_CERT_SIGNER_NOT_FOUND and GNUTLS_CERT_SIGNER_NOT_CA. Hence, we
      club them together as TP_TLS_CERTIFICATE_REJECT_REASON_UNTRUSTED and we
      no longer return TP_TLS_CERTIFICATE_REJECT_REASON_SELF_SIGNED.
      
      (c) Unlike Gcr, GnuTLS doesn't seem to provide a way to load a PKCS#11
      module that's built into the code, as opposed to being a shared object.
      This makes it hard for us to load our mock PKCS#11 module. Therefore,
      we have disabled the test case that relies on using PKCS#11 storage to
      complete the certificate chain.
      
      Bump required GLib version to 2.48. We really do need 2.48 because we
      rely on the improvements to GIO's GnuTLS backend.
      
      https://bugzilla.gnome.org/show_bug.cgi?id=780160
      d5b17f72
  6. 14 Feb, 2017 1 commit
  7. 26 Jan, 2017 1 commit
  8. 21 Nov, 2016 1 commit
  9. 22 Jul, 2016 1 commit
  10. 27 Jun, 2016 2 commits
  11. 13 May, 2016 2 commits
  12. 14 Oct, 2015 2 commits
  13. 01 Oct, 2015 1 commit
  14. 13 May, 2015 1 commit
  15. 15 Apr, 2015 2 commits
  16. 23 Mar, 2015 1 commit
  17. 16 Mar, 2015 2 commits
  18. 14 Oct, 2014 2 commits
  19. 12 Sep, 2014 2 commits
  20. 20 Aug, 2014 2 commits
  21. 23 Jun, 2014 2 commits
  22. 11 Jun, 2014 2 commits
  23. 14 May, 2014 2 commits
  24. 14 Apr, 2014 2 commits
  25. 24 Mar, 2014 2 commits
  26. 17 Mar, 2014 1 commit