encompass-neon-update.patch

   1 --- encompass-0.5.99.3/src/encompass-http.c.orig        Sat May 31 19:38:52 2003
   2 +++ encompass-0.5.99.3/src/encompass-http.c     Fri Jul  4 13:23:51 2003
   3 @@ -142,9 +142,9 @@
   4      if (!g_strcasecmp ("https", uri->protocol)) {
   5        ne_ssl_set_verify (session->session,
   6                          (void *) encompass_ssl_verify, window);
   7 -      ne_ssl_provide_ccert (session->session,
   8 -                           (void *) encompass_ssl_provide_cert, window);
   9 -      ne_ssl_load_default_ca (session->session);
  10 +      ne_ssl_provide_clicert (session->session,
  11 +                           encompass_ssl_provide_cert, window);
  12 +      ne_ssl_trust_default_ca (session->session);
  13      }
  14      if (window->prefs->use_proxy) {
  15        ne_session_proxy (session->session, window->prefs->proxy_host,
  16 --- encompass-0.5.99.3/src/encompass-ssl.c.orig Sat May 31 19:00:18 2003
  17 +++ encompass-0.5.99.3/src/encompass-ssl.c      Fri Jul  4 13:25:53 2003
  18 @@ -4,19 +4,9 @@
  19    gchar * from;
  20    gchar * to;
  21
  22 -  gchar * sCountry;
  23 -  gchar * sState;
  24 -  gchar * sLocality;
  25    gchar * sOrganization;
  26 -  gchar * sOrgUnit;
  27 -  gchar * sCNAME;
  28
  29 -  gchar * iCountry;
  30 -  gchar * iState;
  31 -  gchar * iLocality;
  32    gchar * iOrganization;
  33 -  gchar * iOrgUnit;
  34 -  gchar * iCNAME;
  35  };
  36
  37  static gboolean IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK;
  38 @@ -25,29 +15,21 @@
  39    g_free (key->from);
  40    g_free (key->to);
  41
  42 -  g_free (key->sCountry);
  43 -  g_free (key->sState);
  44 -  g_free (key->sLocality);
  45    g_free (key->sOrganization);
  46 -  g_free (key->sOrgUnit);
  47 -  g_free (key->sCNAME);
  48
  49 -  g_free (key->iCountry);
  50 -  g_free (key->iState);
  51 -  g_free (key->iLocality);
  52    g_free (key->iOrganization);
  53 -  g_free (key->iOrgUnit);
  54 -  g_free (key->iCNAME);
  55  }
  56
  57  static void * e_for_each (gchar * key, ESSLCert * value,
  58                           const ne_ssl_certificate * cert) {
  59    const ESSLCert * crack;
  60 +  char * certdn;
  61
  62    crack = g_hash_table_lookup (ECerts, key);
  63 +  certdn = ne_ssl_readable_dname (ne_ssl_cert_subject (cert));
  64
  65 -  if (!strcmp (crack->sCNAME, cert->subject->commonName) &&
  66 -      !strcmp (key, cert->subject->commonName)) {
  67 +  if (!strcmp (crack->sOrganization, certdn) &&
  68 +      !strcmp (key, certdn)) {
  69      IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK = TRUE;
  70    } else {
  71      IS_THIS_SSL_CERT_GOOD_BECAUSE_NEON_IS_ON_CRACK = FALSE;
  72 @@ -60,6 +42,7 @@
  73    gchar * errmsg;
  74    gint retval;
  75    ESSLCert * foobar;
  76 +  char cert_from[NE_SSL_VDATELEN], cert_until[NE_SSL_VDATELEN];
  77
  78    /* TODO: Implement a real dialog and better error checking */
  79
  80 @@ -78,12 +61,12 @@
  81      errmsg = g_strdup (_("Certificate has expired.\n\n"
  82                          "Do you wish to continue?"));
  83    }
  84 -  if (failures & NE_SSL_UNKNOWNCA) {
  85 +  if (failures & NE_SSL_UNTRUSTED) {
  86      errmsg = g_strdup (_("The security certificate was issued by a company\n"
  87                          "you have not chosen to trust.\n\n"
  88                          "Do you wish to continue?"));
  89    }
  90 -  if (failures & NE_SSL_CNMISMATCH) {
  91 +  if (failures & NE_SSL_IDMISMATCH) {
  92      errmsg = g_strdup (_("The hostname of the certificate does not match\n"
  93                          "the hostname of the server.\n\n"
  94                          "Do you wish to continue?"));
  95 @@ -95,10 +78,10 @@
  96
  97    /* TODO: These need to go in some sort of "View Cert" dialog instead */
  98
  99 -  printf ("DEBUG: Valid from %s until %s\n", cert->from, cert->until);
 100 -  printf ("DEBUG: Issued by: %s\n", cert->issuer->organization);
 101 -  printf ("DEBUG: Issued to: %s\n", cert->subject->organization);
 102 -  printf ("DEBUG: Domain: %s\n", cert->subject->commonName);
 103 +  ne_ssl_cert_validity (cert, cert_from, cert_until);
 104 +  printf ("DEBUG: Valid from %s until %s\n", cert_from, cert_until);
 105 +  printf ("DEBUG: Issued by: %s\n", ne_ssl_readable_dname (ne_ssl_cert_issuer (cert)));
 106 +  printf ("DEBUG: Issued to: %s\n", ne_ssl_readable_dname (ne_ssl_cert_subject (cert)));
 107
 108    mbox = gnome_message_box_new (errmsg, GNOME_MESSAGE_BOX_WARNING,
 109                                 GNOME_STOCK_BUTTON_YES,
 110 @@ -110,24 +93,14 @@
 111
 112      ecert = g_new0 (ESSLCert, 1);
 113
 114 -    ecert->from = g_strdup (cert->from);
 115 -    ecert->to = g_strdup (cert->until);
 116 +    ecert->from = g_strdup (cert_from);
 117 +    ecert->to = g_strdup (cert_until);
 118
 119 -    ecert->sCountry = g_strdup (cert->subject->country);
 120 -    ecert->sState = g_strdup (cert->subject->state);
 121 -    ecert->sLocality = g_strdup (cert->subject->locality);
 122 -    ecert->sOrganization = g_strdup (cert->subject->organization);
 123 -    ecert->sOrgUnit = g_strdup (cert->subject->organizationalUnit);
 124 -    ecert->sCNAME = g_strdup (cert->subject->commonName);
 125 -
 126 -    ecert->iCountry = g_strdup (cert->issuer->country);
 127 -    ecert->iState = g_strdup (cert->issuer->state);
 128 -    ecert->iLocality = g_strdup (cert->issuer->locality);
 129 -    ecert->iOrganization = g_strdup (cert->issuer->organization);
 130 -    ecert->iOrgUnit = g_strdup (cert->issuer->organizationalUnit);
 131 -    ecert->iCNAME = g_strdup (cert->issuer->commonName);
 132 +    ecert->sOrganization = g_strdup (ne_ssl_readable_dname (ne_ssl_cert_subject (cert)));
 133
 134 -    g_hash_table_insert (ECerts, ecert->sCNAME, ecert);
 135 +    ecert->iOrganization = g_strdup (ne_ssl_readable_dname (ne_ssl_cert_issuer (cert)));
 136 +
 137 +    g_hash_table_insert (ECerts, ecert->sOrganization, ecert);
 138    }
 139
 140    return retval;
 141 @@ -135,6 +108,8 @@
 142
 143  void * encompass_ssl_provide_cert (BrowserWindow * window,
 144                                    ne_session * session,
 145 -                                  const ne_ssl_dname * dname) {
 146 -  printf ("DEBUG: server: %s\n", ne_ssl_readable_dname (dname));
 147 +                                  const ne_ssl_dname *const *dnames,
 148 +                                  int dncount) {
 149 +  if (dncount > 0)
 150 +  printf ("DEBUG: server: %s\n", ne_ssl_readable_dname (dnames[0]));
 151  }
 152 --- encompass-0.5.99.3/src/encompass-goto.c.orig        Wed May 14 01:46:12 2003
 153 +++ encompass-0.5.99.3/src/encompass-goto.c     Fri Jul  4 13:20:02 2003
 154 @@ -76,9 +76,9 @@
 155
 156      if (!g_strcasecmp ("https", uri->protocol)) {
 157        ne_ssl_set_verify (session, (void *) encompass_ssl_verify, window);
 158 -      ne_ssl_provide_ccert (session, (void *) encompass_ssl_provide_cert,
 159 +      ne_ssl_provide_clicert (session, encompass_ssl_provide_cert,
 160                             window);
 161 -      ne_ssl_load_default_ca (session);
 162 +      ne_ssl_trust_default_ca (session);
 163      }
 164      if (window->prefs->use_proxy) {
 165        ne_session_proxy (session, window->prefs->proxy_host,
 166 --- encompass-0.5.99.3/src/encompass-ssl.h.orig Wed May 14 01:46:13 2003
 167 +++ encompass-0.5.99.3/src/encompass-ssl.h      Fri Jul  4 13:19:57 2003
 168 @@ -8,6 +8,7 @@
 169                            const ne_ssl_certificate * cert);
 170  void * encompass_ssl_provide_cert (BrowserWindow * window,
 171                                    ne_session * session,
 172 -                                  const ne_ssl_dname * dname);
 173 +                                  const ne_ssl_dname *const *dnames,
 174 +                                  int dncount);
 175
 176  #endif