hook for certificate acception

2002-12-09 08:54:56 +00:00 · 2002-12-09 08:54:56 +00:00 · bb9cb53236
commit bb9cb53236
parent 3bf2e89722
8 changed files with 64 additions and 16 deletions
--- a/ChangeLog.claws
+++ b/ChangeLog.claws
@ -1,3 +1,14 @@
+2002-12-09 [colin]	0.8.6claws83
+
+	* src/gtk/sslcertwindow.[ch]
+		Implement hook for certificate acception
+	* src/ssl_certificate.[ch]
+		Implement hook for certificate acception
+	* src/common/ssl.c
+		Reenable certificate acception check
+	* src/mainwindow.c
+		Register sslcertwindow's hook
+	
 2002-12-08 [christoph]	0.8.6claws82

 	* src/about.c
--- a/configure.in
+++ b/configure.in
@ -11,7 +11,7 @@ MINOR_VERSION=8
 MICRO_VERSION=6
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=claws82
+EXTRA_VERSION=claws83
 VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION

 dnl set $target
--- a/src/common/ssl.c
+++ b/src/common/ssl.c
@ -109,17 +109,12 @@ gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
 		return FALSE;
 	}

-/*	FIXME
-
-	gui independant certificate check and callback for
-	gui for user accepted certificates
-	
 	if (!ssl_certificate_check(server_cert, sockinfo->hostname, sockinfo->port)) {
 		X509_free(server_cert);
 		SSL_free(ssl);
 		return FALSE;
 	}
-*/
+
 	X509_free(server_cert);
 	sockinfo->ssl = ssl;

--- a/src/gtk/sslcertwindow.c
+++ b/src/gtk/sslcertwindow.c
@ -199,6 +199,25 @@ GtkWidget *cert_presenter(SSLCertificate *cert)
 	return vbox;
 }

+static gboolean sslcert_ask_hook(gpointer source, gpointer data)
+{
+	SSLCertHookData *hookdata = (SSLCertHookData *)source;
+	if (hookdata == NULL) {
+		return FALSE;
+	}
+	if (hookdata->old_cert == NULL)
+		hookdata->accept = sslcertwindow_ask_new_cert(hookdata->cert);
+	else
+		hookdata->accept = sslcertwindow_ask_changed_cert(hookdata->old_cert, hookdata->cert);
+
+	return TRUE;
+}
+
+void sslcertwindow_register_hook(void)
+{
+	hooks_register_hook(SSLCERT_ASK_HOOKLIST, sslcert_ask_hook, NULL);
+}
+
 void sslcertwindow_show_cert(SSLCertificate *cert)
 {
 	GtkWidget *cert_widget = cert_presenter(cert);
--- a/src/gtk/sslcertwindow.h
+++ b/src/gtk/sslcertwindow.h
@ -34,6 +34,7 @@

 GtkWidget *cert_presenter(SSLCertificate *cert);
 void sslcertwindow_show_cert(SSLCertificate *cert);
+void sslcertwindow_register_hook(void);
 gboolean sslcertwindow_ask_new_cert(SSLCertificate *cert);
 gboolean sslcertwindow_ask_changed_cert(SSLCertificate *old_cert, SSLCertificate *new_cert);

--- a/src/mainwindow.c
+++ b/src/mainwindow.c
@ -83,6 +83,7 @@
 #include "version.h"
 #include "selective_download.h"
 #include "ssl_manager.h"
+#include "sslcertwindow.h"

 #define AC_LABEL_WIDTH	240

@ -1103,7 +1104,9 @@ MainWindow *main_window_create(SeparateType type)
 	summary_init(summaryview);
 	messageview_init(messageview);
 	log_window_init(mainwin->logwin);
-
+#ifdef USE_OPENSSL
+	sslcertwindow_register_hook();
+#endif
 	mainwin->lock_count = 0;
 	mainwin->menu_lock_count = 0;
 	mainwin->cursor_count = 0;
--- a/src/ssl_certificate.c
+++ b/src/ssl_certificate.c
@ -26,11 +26,11 @@
 #include <openssl/ssl.h>
 #include <glib.h>
 #include "ssl_certificate.h"
-#include "sslcertwindow.h"
 #include "utils.h"
 #include "intl.h"
 #include "log.h"
 #include "socket.h"
+#include "hooks.h"

 static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup);

@ -335,7 +335,8 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 {
 	SSLCertificate *current_cert = ssl_certificate_new(x509_cert, host, port);
 	SSLCertificate *known_cert;
-
+	SSLCertHookData cert_hook_data;
+	
 	if (current_cert == NULL) {
 		debug_print("Buggy certificate !\n");
 		return FALSE;
@ -381,11 +382,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 			return FALSE;
 		}
 #endif
-		/* FIXME: replace this with a hook, then uncomment the check in ssl.c */ 
-		val = sslcertwindow_ask_new_cert(current_cert);
+		cert_hook_data.cert = current_cert;
+		cert_hook_data.old_cert = NULL;
+		cert_hook_data.accept = FALSE;
+		
+		hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
+		
 		g_free(err_msg);

-		if (!val) {
+		if (!cert_hook_data.accept) {
 			ssl_certificate_destroy(current_cert);
 			return FALSE;
 		} else {
@ -416,12 +421,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 			return FALSE;
 		}
 #endif
+		cert_hook_data.cert = current_cert;
+		cert_hook_data.old_cert = known_cert;
+		cert_hook_data.accept = FALSE;
+		
+		hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
 		
-		/* FIXME: replace this with a hook, then uncomment the check in ssl.c */ 
-		val = sslcertwindow_ask_changed_cert(known_cert, current_cert);
 		g_free(err_msg);

-		if (!val) {
+		if (!cert_hook_data.accept) {
 			ssl_certificate_destroy(current_cert);
 			ssl_certificate_destroy(known_cert);
 			return FALSE;
--- a/src/ssl_certificate.h
+++ b/src/ssl_certificate.h
@ -30,6 +30,8 @@
 #include <openssl/objects.h>
 #include <glib.h>

+#define SSLCERT_ASK_HOOKLIST "sslcert_ask"
+
 typedef struct _SSLCertificate SSLCertificate;

 struct _SSLCertificate
@ -39,6 +41,15 @@ struct _SSLCertificate
 	gushort port;
 };

+typedef struct _SSLCertHookData SSLCertHookData;
+
+struct _SSLCertHookData
+{
+	SSLCertificate *cert;
+	SSLCertificate *old_cert;
+	gboolean accept;
+};
+
 SSLCertificate *ssl_certificate_find (gchar *host, gushort port);
 SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, gboolean lookup);
 gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port);