]>
Commit | Line | Data |
---|---|---|
f38d4571 JB |
1 | --- encompass-0.5.99.3/src/encompass-http.c.orig Sat May 31 19:38:52 2003 |
2 | +++ encompass-0.5.99.3/src/encompass-http.c Fri Jul 4 13:23:51 2003 | |
3 | @@ -142,9 +142,9 @@ | |
4 | if (!g_strcasecmp ("https", uri->protocol)) { | |
5 | ne_ssl_set_verify (session->session, | |
6 | (void *) encompass_ssl_verify, window); | |
7 | - ne_ssl_provide_ccert (session->session, | |
8 | - (void *) encompass_ssl_provide_cert, window); | |
9 | - ne_ssl_load_default_ca (session->session); | |
10 | + ne_ssl_provide_clicert (session->session, | |
11 | + encompass_ssl_provide_cert, window); | |
12 | + ne_ssl_trust_default_ca (session->session); | |
13 | } | |
14 | if (window->prefs->use_proxy) { | |
15 | ne_session_proxy (session->session, window->prefs->proxy_host, | |
16 | --- encompass-0.5.99.3/src/encompass-ssl.c.orig Sat May 31 19:00:18 2003 | |
17 | +++ encompass-0.5.99.3/src/encompass-ssl.c Fri Jul 4 13:25:53 2003 | |
18 | @@ -4,19 +4,9 @@ | |
19 | gchar * from; | |
20 | gchar * to; | |
21 | ||
22 | - gchar * sCountry; | |
23 | - gchar * sState; | |
24 | - gchar * sLocality; | |
25 | gchar * sOrganization; | |
26 | - gchar * sOrgUnit; | |
27 | - gchar * sCNAME; | |
28 | ||
29 | - gchar * iCountry; | |
30 | - gchar * iState; | |
31 | - gchar * iLocality; | |
32 | gchar * iOrganization; | |
33 | - gchar * iOrgUnit; | |
34 | - gchar * iCNAME; | |
35 | }; | |
36 | ||
37 | static gboolean IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK; | |
38 | @@ -25,29 +15,21 @@ | |
39 | g_free (key->from); | |
40 | g_free (key->to); | |
41 | ||
42 | - g_free (key->sCountry); | |
43 | - g_free (key->sState); | |
44 | - g_free (key->sLocality); | |
45 | g_free (key->sOrganization); | |
46 | - g_free (key->sOrgUnit); | |
47 | - g_free (key->sCNAME); | |
48 | ||
49 | - g_free (key->iCountry); | |
50 | - g_free (key->iState); | |
51 | - g_free (key->iLocality); | |
52 | g_free (key->iOrganization); | |
53 | - g_free (key->iOrgUnit); | |
54 | - g_free (key->iCNAME); | |
55 | } | |
56 | ||
57 | static void * e_for_each (gchar * key, ESSLCert * value, | |
58 | const ne_ssl_certificate * cert) { | |
59 | const ESSLCert * crack; | |
60 | + char * certdn; | |
61 | ||
62 | crack = g_hash_table_lookup (ECerts, key); | |
63 | + certdn = ne_ssl_readable_dname (ne_ssl_cert_subject (cert)); | |
64 | ||
65 | - if (!strcmp (crack->sCNAME, cert->subject->commonName) && | |
66 | - !strcmp (key, cert->subject->commonName)) { | |
67 | + if (!strcmp (crack->sOrganization, certdn) && | |
68 | + !strcmp (key, certdn)) { | |
69 | IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK = TRUE; | |
70 | } else { | |
71 | IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK = FALSE; | |
72 | @@ -60,6 +42,7 @@ | |
73 | gchar * errmsg; | |
74 | gint retval; | |
75 | ESSLCert * foobar; | |
76 | + char cert_from[NE_SSL_VDATELEN], cert_until[NE_SSL_VDATELEN]; | |
77 | ||
78 | /* TODO: Implement a real dialog and better error checking */ | |
79 | ||
80 | @@ -78,12 +61,12 @@ | |
81 | errmsg = g_strdup (_("Certificate has expired.\n\n" | |
82 | "Do you wish to continue?")); | |
83 | } | |
84 | - if (failures & NE_SSL_UNKNOWNCA) { | |
85 | + if (failures & NE_SSL_UNTRUSTED) { | |
86 | errmsg = g_strdup (_("The security certificate was issued by a company\n" | |
87 | "you have not chosen to trust.\n\n" | |
88 | "Do you wish to continue?")); | |
89 | } | |
90 | - if (failures & NE_SSL_CNMISMATCH) { | |
91 | + if (failures & NE_SSL_IDMISMATCH) { | |
92 | errmsg = g_strdup (_("The hostname of the certificate does not match\n" | |
93 | "the hostname of the server.\n\n" | |
94 | "Do you wish to continue?")); | |
95 | @@ -95,10 +78,10 @@ | |
96 | ||
97 | /* TODO: These need to go in some sort of "View Cert" dialog instead */ | |
98 | ||
99 | - printf ("DEBUG: Valid from %s until %s\n", cert->from, cert->until); | |
100 | - printf ("DEBUG: Issued by: %s\n", cert->issuer->organization); | |
101 | - printf ("DEBUG: Issued to: %s\n", cert->subject->organization); | |
102 | - printf ("DEBUG: Domain: %s\n", cert->subject->commonName); | |
103 | + ne_ssl_cert_validity (cert, cert_from, cert_until); | |
104 | + printf ("DEBUG: Valid from %s until %s\n", cert_from, cert_until); | |
105 | + printf ("DEBUG: Issued by: %s\n", ne_ssl_readable_dname (ne_ssl_cert_issuer (cert))); | |
106 | + printf ("DEBUG: Issued to: %s\n", ne_ssl_readable_dname (ne_ssl_cert_subject (cert))); | |
107 | ||
108 | mbox = gnome_message_box_new (errmsg, GNOME_MESSAGE_BOX_WARNING, | |
109 | GNOME_STOCK_BUTTON_YES, | |
110 | @@ -110,24 +93,14 @@ | |
111 | ||
112 | ecert = g_new0 (ESSLCert, 1); | |
113 | ||
114 | - ecert->from = g_strdup (cert->from); | |
115 | - ecert->to = g_strdup (cert->until); | |
116 | + ecert->from = g_strdup (cert_from); | |
117 | + ecert->to = g_strdup (cert_until); | |
118 | ||
119 | - ecert->sCountry = g_strdup (cert->subject->country); | |
120 | - ecert->sState = g_strdup (cert->subject->state); | |
121 | - ecert->sLocality = g_strdup (cert->subject->locality); | |
122 | - ecert->sOrganization = g_strdup (cert->subject->organization); | |
123 | - ecert->sOrgUnit = g_strdup (cert->subject->organizationalUnit); | |
124 | - ecert->sCNAME = g_strdup (cert->subject->commonName); | |
125 | - | |
126 | - ecert->iCountry = g_strdup (cert->issuer->country); | |
127 | - ecert->iState = g_strdup (cert->issuer->state); | |
128 | - ecert->iLocality = g_strdup (cert->issuer->locality); | |
129 | - ecert->iOrganization = g_strdup (cert->issuer->organization); | |
130 | - ecert->iOrgUnit = g_strdup (cert->issuer->organizationalUnit); | |
131 | - ecert->iCNAME = g_strdup (cert->issuer->commonName); | |
132 | + ecert->sOrganization = g_strdup (ne_ssl_readable_dname (ne_ssl_cert_subject (cert))); | |
133 | ||
134 | - g_hash_table_insert (ECerts, ecert->sCNAME, ecert); | |
135 | + ecert->iOrganization = g_strdup (ne_ssl_readable_dname (ne_ssl_cert_issuer (cert))); | |
136 | + | |
137 | + g_hash_table_insert (ECerts, ecert->sOrganization, ecert); | |
138 | } | |
139 | ||
140 | return retval; | |
141 | @@ -135,6 +108,8 @@ | |
142 | ||
143 | void * encompass_ssl_provide_cert (BrowserWindow * window, | |
144 | ne_session * session, | |
145 | - const ne_ssl_dname * dname) { | |
146 | - printf ("DEBUG: server: %s\n", ne_ssl_readable_dname (dname)); | |
147 | + const ne_ssl_dname *const *dnames, | |
148 | + int dncount) { | |
149 | + if (dncount > 0) | |
150 | + printf ("DEBUG: server: %s\n", ne_ssl_readable_dname (dnames[0])); | |
151 | } | |
152 | --- encompass-0.5.99.3/src/encompass-goto.c.orig Wed May 14 01:46:12 2003 | |
153 | +++ encompass-0.5.99.3/src/encompass-goto.c Fri Jul 4 13:20:02 2003 | |
154 | @@ -76,9 +76,9 @@ | |
155 | ||
156 | if (!g_strcasecmp ("https", uri->protocol)) { | |
157 | ne_ssl_set_verify (session, (void *) encompass_ssl_verify, window); | |
158 | - ne_ssl_provide_ccert (session, (void *) encompass_ssl_provide_cert, | |
159 | + ne_ssl_provide_clicert (session, encompass_ssl_provide_cert, | |
160 | window); | |
161 | - ne_ssl_load_default_ca (session); | |
162 | + ne_ssl_trust_default_ca (session); | |
163 | } | |
164 | if (window->prefs->use_proxy) { | |
165 | ne_session_proxy (session, window->prefs->proxy_host, | |
166 | --- encompass-0.5.99.3/src/encompass-ssl.h.orig Wed May 14 01:46:13 2003 | |
167 | +++ encompass-0.5.99.3/src/encompass-ssl.h Fri Jul 4 13:19:57 2003 | |
168 | @@ -8,6 +8,7 @@ | |
169 | const ne_ssl_certificate * cert); | |
170 | void * encompass_ssl_provide_cert (BrowserWindow * window, | |
171 | ne_session * session, | |
172 | - const ne_ssl_dname * dname); | |
173 | + const ne_ssl_dname *const *dnames, | |
174 | + int dncount); | |
175 | ||
176 | #endif |