-
- Downloads
device revocation: refuse loading revoked device
The missing piece for working device revocation. * cert store: always use certificate chain match to check parent certificate. We used to allow a certificate if the parent certificate was explicitly allowed. This doesn't check for revoked device certificate. Instead, always check certificates using the standard certificate chain method except if the certificate itself is whitelisted. * ringaccount: check the account own device certificate chain This cause a revoked account to fail loading and propose the user to generate a new device from the archive through the standard account migration procedure. * ringaccount: check device loaded from disc using the common routine to discard devices revoked since the last save. Tuleap: #1457 Change-Id: I03f015e78d1d14f5f2e9f99a6d3dd47a6f2c5bfe
parent
f9e1dd5d
Branches wip/patches_poly_2017/Belkouch/Larose wip/patches_poly_2017/BrandonChan/KaixiangMu wip/patches_poly_2017/GabrielCoteJones/OmidAdibi wip/patches_poly_2017/IvanMolodtsov/JordanThibault wip/patches_poly_2017/JeanSimonMarrocco/CoraliePharand wip/patches_poly_2017/Lauzon/Loiselle wip/patches_poly_2017/Meilleur/Bergeron-Miron wip/patches_poly_2017/Sicaud/Laborde wip/patches_poly_2017/arnaudPareVogt/mohamedRiadGahlouz wip/patches_poly_2017/eliasJambari/hugoTremblay wip/patches_poly_2017/sylvestreRousseau/michaelTulba wip/patches_poly_2017/yohanbruneau/marcanhoury
Tags
Showing
- src/ringdht/ringaccount.cpp 19 additions, 38 deletionssrc/ringdht/ringaccount.cpp
- src/ringdht/ringaccount.h 3 additions, 1 deletionsrc/ringdht/ringaccount.h
- src/security/certstore.cpp 0 additions, 10 deletionssrc/security/certstore.cpp
- src/security/certstore.h 17 additions, 0 deletionssrc/security/certstore.h
Loading
Please register or sign in to comment