hook for certificate acception
This commit is contained in:
parent
3bf2e89722
commit
bb9cb53236
8 changed files with 64 additions and 16 deletions
|
@ -1,3 +1,14 @@
|
|||
2002-12-09 [colin] 0.8.6claws83
|
||||
|
||||
* src/gtk/sslcertwindow.[ch]
|
||||
Implement hook for certificate acception
|
||||
* src/ssl_certificate.[ch]
|
||||
Implement hook for certificate acception
|
||||
* src/common/ssl.c
|
||||
Reenable certificate acception check
|
||||
* src/mainwindow.c
|
||||
Register sslcertwindow's hook
|
||||
|
||||
2002-12-08 [christoph] 0.8.6claws82
|
||||
|
||||
* src/about.c
|
||||
|
|
|
@ -11,7 +11,7 @@ MINOR_VERSION=8
|
|||
MICRO_VERSION=6
|
||||
INTERFACE_AGE=0
|
||||
BINARY_AGE=0
|
||||
EXTRA_VERSION=claws82
|
||||
EXTRA_VERSION=claws83
|
||||
VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION
|
||||
|
||||
dnl set $target
|
||||
|
|
|
@ -109,17 +109,12 @@ gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
|
|||
return FALSE;
|
||||
}
|
||||
|
||||
/* FIXME
|
||||
|
||||
gui independant certificate check and callback for
|
||||
gui for user accepted certificates
|
||||
|
||||
if (!ssl_certificate_check(server_cert, sockinfo->hostname, sockinfo->port)) {
|
||||
X509_free(server_cert);
|
||||
SSL_free(ssl);
|
||||
return FALSE;
|
||||
}
|
||||
*/
|
||||
|
||||
X509_free(server_cert);
|
||||
sockinfo->ssl = ssl;
|
||||
|
||||
|
|
|
@ -199,6 +199,25 @@ GtkWidget *cert_presenter(SSLCertificate *cert)
|
|||
return vbox;
|
||||
}
|
||||
|
||||
static gboolean sslcert_ask_hook(gpointer source, gpointer data)
|
||||
{
|
||||
SSLCertHookData *hookdata = (SSLCertHookData *)source;
|
||||
if (hookdata == NULL) {
|
||||
return FALSE;
|
||||
}
|
||||
if (hookdata->old_cert == NULL)
|
||||
hookdata->accept = sslcertwindow_ask_new_cert(hookdata->cert);
|
||||
else
|
||||
hookdata->accept = sslcertwindow_ask_changed_cert(hookdata->old_cert, hookdata->cert);
|
||||
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
void sslcertwindow_register_hook(void)
|
||||
{
|
||||
hooks_register_hook(SSLCERT_ASK_HOOKLIST, sslcert_ask_hook, NULL);
|
||||
}
|
||||
|
||||
void sslcertwindow_show_cert(SSLCertificate *cert)
|
||||
{
|
||||
GtkWidget *cert_widget = cert_presenter(cert);
|
||||
|
|
|
@ -34,6 +34,7 @@
|
|||
|
||||
GtkWidget *cert_presenter(SSLCertificate *cert);
|
||||
void sslcertwindow_show_cert(SSLCertificate *cert);
|
||||
void sslcertwindow_register_hook(void);
|
||||
gboolean sslcertwindow_ask_new_cert(SSLCertificate *cert);
|
||||
gboolean sslcertwindow_ask_changed_cert(SSLCertificate *old_cert, SSLCertificate *new_cert);
|
||||
|
||||
|
|
|
@ -83,6 +83,7 @@
|
|||
#include "version.h"
|
||||
#include "selective_download.h"
|
||||
#include "ssl_manager.h"
|
||||
#include "sslcertwindow.h"
|
||||
|
||||
#define AC_LABEL_WIDTH 240
|
||||
|
||||
|
@ -1103,7 +1104,9 @@ MainWindow *main_window_create(SeparateType type)
|
|||
summary_init(summaryview);
|
||||
messageview_init(messageview);
|
||||
log_window_init(mainwin->logwin);
|
||||
|
||||
#ifdef USE_OPENSSL
|
||||
sslcertwindow_register_hook();
|
||||
#endif
|
||||
mainwin->lock_count = 0;
|
||||
mainwin->menu_lock_count = 0;
|
||||
mainwin->cursor_count = 0;
|
||||
|
|
|
@ -26,11 +26,11 @@
|
|||
#include <openssl/ssl.h>
|
||||
#include <glib.h>
|
||||
#include "ssl_certificate.h"
|
||||
#include "sslcertwindow.h"
|
||||
#include "utils.h"
|
||||
#include "intl.h"
|
||||
#include "log.h"
|
||||
#include "socket.h"
|
||||
#include "hooks.h"
|
||||
|
||||
static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup);
|
||||
|
||||
|
@ -335,7 +335,8 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
|
|||
{
|
||||
SSLCertificate *current_cert = ssl_certificate_new(x509_cert, host, port);
|
||||
SSLCertificate *known_cert;
|
||||
|
||||
SSLCertHookData cert_hook_data;
|
||||
|
||||
if (current_cert == NULL) {
|
||||
debug_print("Buggy certificate !\n");
|
||||
return FALSE;
|
||||
|
@ -381,11 +382,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
|
|||
return FALSE;
|
||||
}
|
||||
#endif
|
||||
/* FIXME: replace this with a hook, then uncomment the check in ssl.c */
|
||||
val = sslcertwindow_ask_new_cert(current_cert);
|
||||
cert_hook_data.cert = current_cert;
|
||||
cert_hook_data.old_cert = NULL;
|
||||
cert_hook_data.accept = FALSE;
|
||||
|
||||
hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
|
||||
|
||||
g_free(err_msg);
|
||||
|
||||
if (!val) {
|
||||
if (!cert_hook_data.accept) {
|
||||
ssl_certificate_destroy(current_cert);
|
||||
return FALSE;
|
||||
} else {
|
||||
|
@ -416,12 +421,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
|
|||
return FALSE;
|
||||
}
|
||||
#endif
|
||||
cert_hook_data.cert = current_cert;
|
||||
cert_hook_data.old_cert = known_cert;
|
||||
cert_hook_data.accept = FALSE;
|
||||
|
||||
hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
|
||||
|
||||
/* FIXME: replace this with a hook, then uncomment the check in ssl.c */
|
||||
val = sslcertwindow_ask_changed_cert(known_cert, current_cert);
|
||||
g_free(err_msg);
|
||||
|
||||
if (!val) {
|
||||
if (!cert_hook_data.accept) {
|
||||
ssl_certificate_destroy(current_cert);
|
||||
ssl_certificate_destroy(known_cert);
|
||||
return FALSE;
|
||||
|
|
|
@ -30,6 +30,8 @@
|
|||
#include <openssl/objects.h>
|
||||
#include <glib.h>
|
||||
|
||||
#define SSLCERT_ASK_HOOKLIST "sslcert_ask"
|
||||
|
||||
typedef struct _SSLCertificate SSLCertificate;
|
||||
|
||||
struct _SSLCertificate
|
||||
|
@ -39,6 +41,15 @@ struct _SSLCertificate
|
|||
gushort port;
|
||||
};
|
||||
|
||||
typedef struct _SSLCertHookData SSLCertHookData;
|
||||
|
||||
struct _SSLCertHookData
|
||||
{
|
||||
SSLCertificate *cert;
|
||||
SSLCertificate *old_cert;
|
||||
gboolean accept;
|
||||
};
|
||||
|
||||
SSLCertificate *ssl_certificate_find (gchar *host, gushort port);
|
||||
SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, gboolean lookup);
|
||||
gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port);
|
||||
|
|
Loading…
Reference in a new issue