[Bug 29018] Allow interactive TLS certificate verification

Mon Sep 13 17:55:26 CEST 2010

https://bugs.freedesktop.org/show_bug.cgi?id=29018

--- Comment #22 from Simon McVittie <simon.mcvittie at collabora.co.uk> 2010-09-13 08:55:25 PDT ---
Gabble
======

> +  DEBUG ("TLS certificate rejected with rejections %p, long %u.",
> +      rejections, rejections->len);

length %u

Assuming you consider an empty list of rejections to be an internal error, this
should probably g_assert (rejections->len >= 1).

> +  rejection = g_ptr_array_index (rejections, 0);

Assuming you consider an empty list of rejections to be an internal error, this
needs a g_assert (rejections->len >= 1) before you dereference it.

> +  g_ptr_array_unref (rejections);

This will leak the GValueArrays. You need to use g_boxed_free
(GABBLE_ARRAY_TYPE_TLS_CERTIFICATE_REJECTION_LIST, rejections) to free the
contents too.

> +  tp_clear_pointer (&self->priv->rejections, g_ptr_array_unref);

Likewise. You can use tp_clear_boxed to combine the effects of tp_clear_pointer
and g_boxed_free. (This occurs at least twice in the TLSCertificate.)

> +  DEBUG ("Reject() called on the TLS certificate with rejections %p, "
> +      "long %u; current state %u", rejections, rejections->len,

length %u

You should either raise InvalidArgument if the list has length 0, or treat an
empty list as equivalent to this one-element list:

    [(Unknown, TP_ERROR_STR_CERT_INVALID, {})]

(probably by copying the empty list to the property and then 

Your choice. Please mention which way you want to go in the spec.

Empathy
=======

Guillaume pointed out a memory leak on IRC. I don't have any objections beyond
that.

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.