src/ssl_certificate.c

   1 /*
   2  * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
   3  * Copyright (C) 1999-2001 Hiroyuki Yamamoto
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License
  16  * along with this program; if not, write to the Free Software
  17  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
  18  */
  19
  20 #ifdef HAVE_CONFIG_H
  21 #  include "config.h"
  22 #endif
  23
  24 #if USE_SSL
  25
  26 #include <openssl/ssl.h>
  27 #include <glib.h>
  28 #include "ssl_certificate.h"
  29 #include "alertpanel.h"
  30 #include "utils.h"
  31 #include "intl.h"
  32 #include "prefs_common.h"
  33 #include "socket.h"
  34
  35 static void ssl_certificate_destroy(SSLCertificate *cert);
  36 static char *ssl_certificate_check_signer (X509 *cert);
  37
  38 static char * get_fqdn(char *host)
  39 {
  40         struct hostent *hp;
  41         hp = my_gethostbyname(host);
  42         if (hp == NULL)
  43                 return g_strdup(host); /*caller should free*/
  44         else
  45                 return g_strdup(hp->h_name);
  46 }
  47
  48 static char * readable_fingerprint(unsigned char *src, int len)
  49 {
  50         int i=0;
  51         char * ret;
  52
  53         if (src == NULL)
  54                 return NULL;
  55         ret = g_strdup("");
  56         while (i < len) {
  57                 char *tmp2;
  58                 if(i>0)
  59                         tmp2 = g_strdup_printf("%s:%02X", ret, src[i]);
  60                 else
  61                         tmp2 = g_strdup_printf("%02X", src[i]);
  62                 g_free(ret);
  63                 ret = g_strdup(tmp2);
  64                 g_free(tmp2);
  65                 i++;
  66         }
  67         return ret;
  68 }
  69
  70 SSLCertificate *ssl_certificate_new(X509 *x509_cert, gchar *host, gushort port)
  71 {
  72         SSLCertificate *cert = g_new0(SSLCertificate, 1);
  73
  74         if (host == NULL || x509_cert == NULL) {
  75                 ssl_certificate_destroy(cert);
  76                 return NULL;
  77         }
  78         cert->x509_cert = X509_dup(x509_cert);
  79         cert->host = get_fqdn(host);
  80         cert->port = port;
  81         return cert;
  82 }
  83
  84 static void ssl_certificate_save (SSLCertificate *cert)
  85 {
  86         gchar *file, *port;
  87         FILE *fp;
  88
  89         file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
  90                           "certs", G_DIR_SEPARATOR_S, NULL);
  91
  92         if (!is_dir_exist(file))
  93                 make_dir_hier(file);
  94         g_free(file);
  95
  96         port = g_strdup_printf("%d", cert->port);
  97         file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
  98                           "certs", G_DIR_SEPARATOR_S,
  99                           cert->host, ".", port, ".cert", NULL);
 100
 101         g_free(port);
 102         fp = fopen(file, "w");
 103         if (fp == NULL) {
 104                 g_free(file);
 105                 alertpanel_error(_("Can't save certificate !"));
 106                 return;
 107         }
 108         i2d_X509_fp(fp, cert->x509_cert);
 109         g_free(file);
 110         fclose(fp);
 111
 112 }
 113
 114 char* ssl_certificate_to_string(SSLCertificate *cert)
 115 {
 116         char *ret, buf[100];
 117         char *issuer_commonname, *issuer_location, *issuer_organization;
 118         char *subject_commonname, *subject_location, *subject_organization;
 119         char *fingerprint, *sig_status;
 120         unsigned int n;
 121         unsigned char md[EVP_MAX_MD_SIZE];
 122
 123         /* issuer */
 124          X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
 125                                         NID_commonName, buf, 100);
 126          issuer_commonname = g_strdup(buf);
 127          X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
 128                                         NID_localityName, buf, 100);
 129          issuer_location = g_strdup(buf);
 130          X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
 131                                         NID_countryName, buf, 100);
 132          issuer_location = g_strconcat(issuer_location,", ",buf, NULL);
 133          X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
 134                                         NID_organizationName, buf, 100);
 135          issuer_organization = g_strdup(buf);
 136
 137         /* issuer */
 138          X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
 139                                         NID_commonName, buf, 100);
 140          subject_commonname = g_strdup(buf);
 141          X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
 142                                         NID_localityName, buf, 100);
 143          subject_location = g_strdup(buf);
 144          X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
 145                                         NID_countryName, buf, 100);
 146          subject_location = g_strconcat(subject_location,", ",buf, NULL);
 147          X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
 148                                         NID_organizationName, buf, 100);
 149          subject_organization = g_strdup(buf);
 150
 151         /* fingerprint */
 152         X509_digest(cert->x509_cert, EVP_md5(), md, &n);
 153         fingerprint = readable_fingerprint(md, (int)n);
 154
 155         /* signature */
 156         sig_status = ssl_certificate_check_signer(cert->x509_cert);
 157
 158         ret = g_strdup_printf(_("  Owner: %s (%s) in %s\n  Signed by: %s (%s) in %s\n  Fingerprint: %s\n  Signature status: %s"),
 159                                 subject_commonname, subject_organization, subject_location,
 160                                 issuer_commonname, issuer_organization, issuer_location,
 161                                 fingerprint,
 162                                 (sig_status==NULL ? "correct":sig_status));
 163
 164         if (issuer_commonname)
 165                 g_free(issuer_commonname);
 166         if (issuer_location)
 167                 g_free(issuer_location);
 168         if (issuer_organization)
 169                 g_free(issuer_organization);
 170         if (subject_commonname)
 171                 g_free(subject_commonname);
 172         if (subject_location)
 173                 g_free(subject_location);
 174         if (subject_organization)
 175                 g_free(subject_organization);
 176         if (fingerprint)
 177                 g_free(fingerprint);
 178         if (sig_status)
 179                 g_free(sig_status);
 180         return ret;
 181 }
 182
 183 void ssl_certificate_destroy(SSLCertificate *cert)
 184 {
 185         g_return_if_fail(cert != NULL);
 186         if (cert->x509_cert)
 187                 X509_free(cert->x509_cert);
 188         if (cert->host)
 189                 g_free(cert->host);
 190         g_free(cert);
 191         cert = NULL;
 192 }
 193
 194 SSLCertificate *ssl_certificate_find (gchar *host, gushort port)
 195 {
 196         gchar *file;
 197         gchar *buf;
 198         gchar *fqdn_host;
 199         SSLCertificate *cert = NULL;
 200         X509 *tmp_x509;
 201         FILE *fp;
 202
 203         fqdn_host = get_fqdn(host);
 204         buf = g_strdup_printf("%d", port);
 205         file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
 206                           "certs", G_DIR_SEPARATOR_S,
 207                           fqdn_host, ".", buf, ".cert", NULL);
 208
 209         g_free(buf);
 210         fp = fopen(file, "r");
 211         if (fp == NULL) {
 212                 g_free(file);
 213                 g_free(fqdn_host);
 214                 return NULL;
 215         }
 216
 217
 218         if ((tmp_x509 = d2i_X509_fp(fp, 0)) != NULL) {
 219                 cert = ssl_certificate_new(tmp_x509, fqdn_host, port);
 220                 X509_free(tmp_x509);
 221         }
 222         fclose(fp);
 223         g_free(file);
 224         g_free(fqdn_host);
 225
 226         return cert;
 227 }
 228
 229 static gboolean ssl_certificate_compare (SSLCertificate *cert_a, SSLCertificate *cert_b)
 230 {
 231         if (cert_a == NULL || cert_b == NULL)
 232                 return FALSE;
 233         else if (!X509_cmp(cert_a->x509_cert, cert_b->x509_cert))
 234                 return TRUE;
 235         else
 236                 return FALSE;
 237 }
 238
 239 static char *ssl_certificate_check_signer (X509 *cert)
 240 {
 241         X509_STORE_CTX store_ctx;
 242         X509_STORE *store;
 243         int ok = 0;
 244         char *cert_file = NULL;
 245         char *err_msg = NULL;
 246
 247         store = X509_STORE_new();
 248         if (store == NULL) {
 249                 printf("Can't create X509_STORE\n");
 250                 return NULL;
 251         }
 252         if (X509_STORE_set_default_paths(store))
 253                 ok++;
 254         if (X509_STORE_load_locations(store, cert_file, NULL))
 255                 ok++;
 256
 257         if (ok == 0) {
 258                 X509_STORE_free (store);
 259                 return g_strdup(_("Can't load X509 default paths"));
 260         }
 261
 262         X509_STORE_CTX_init (&store_ctx, store, cert, NULL);
 263         ok = X509_verify_cert (&store_ctx);
 264
 265         if (ok == 0) {
 266                 err_msg = g_strdup(X509_verify_cert_error_string(
 267                                         X509_STORE_CTX_get_error(&store_ctx)));
 268                 debug_print("Can't check signer: %s\n", err_msg);
 269                 X509_STORE_CTX_cleanup (&store_ctx);
 270                 X509_STORE_free (store);
 271                 return err_msg;
 272
 273         }
 274         X509_STORE_CTX_cleanup (&store_ctx);
 275         X509_STORE_free (store);
 276         return NULL;
 277 }
 278
 279 gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 280 {
 281         SSLCertificate *current_cert = ssl_certificate_new(x509_cert, host, port);
 282         SSLCertificate *known_cert;
 283
 284         if (current_cert == NULL) {
 285                 debug_print("Buggy certificate !\n");
 286                 return FALSE;
 287         }
 288
 289         known_cert = ssl_certificate_find (host, port);
 290
 291         if (known_cert == NULL) {
 292                 gint val;
 293                 gchar *err_msg, *cur_cert_str;
 294
 295                 cur_cert_str = ssl_certificate_to_string(current_cert);
 296
 297                 err_msg = g_strdup_printf(_("%s presented an unknown SSL certificate:\n%s"),
 298                                           current_cert->host,
 299                                           cur_cert_str);
 300                 g_free (cur_cert_str);
 301
 302                 if (prefs_common.no_recv_err_panel) {
 303                         log_error(_("%s\n\nMail won't be retrieved on this account until you save the certificate.\n(Uncheck the \"%s\" preference).\n"),
 304                                         err_msg,
 305                                         _("Don't popup error dialog on receive error"));
 306                         g_free(err_msg);
 307                         return FALSE;
 308                 }
 309
 310                 val = alertpanel(_("Warning"),
 311                                err_msg,
 312                                _("Accept and save"), _("Cancel connection"), NULL);
 313                 g_free(err_msg);
 314
 315                 switch (val) {
 316                         case G_ALERTALTERNATE:
 317                                 ssl_certificate_destroy(current_cert);
 318                                 return FALSE;
 319                         default:
 320                                 ssl_certificate_save(current_cert);
 321                                 ssl_certificate_destroy(current_cert);
 322                                 return TRUE;
 323                 }
 324         }
 325         else if (!ssl_certificate_compare (current_cert, known_cert)) {
 326                 gint val;
 327                 gchar *err_msg, *known_cert_str, *cur_cert_str, *sig_status;
 328
 329                 sig_status = ssl_certificate_check_signer(x509_cert);
 330
 331                 known_cert_str = ssl_certificate_to_string(known_cert);
 332                 cur_cert_str = ssl_certificate_to_string(current_cert);
 333                 err_msg = g_strdup_printf(_("%s's SSL certificate changed !\nWe have saved this one:\n%s\n\nIt is now:\n%s\n\nThis could mean the server answering is not the known one."),
 334                                           current_cert->host,
 335                                           known_cert_str,
 336                                           cur_cert_str);
 337                 g_free (cur_cert_str);
 338                 g_free (known_cert_str);
 339                 if (sig_status)
 340                         g_free (sig_status);
 341
 342                 if (prefs_common.no_recv_err_panel) {
 343                         log_error(_("%s\n\nMail won't be retrieved on this account until you save the certificate.\n(Uncheck the \"%s\" preference).\n"),
 344                                         err_msg,
 345                                         _("Don't popup error dialog on receive error"));
 346                         g_free(err_msg);
 347                         return FALSE;
 348                 }
 349
 350                 val = alertpanel(_("Warning"),
 351                                err_msg,
 352                                _("Accept and save"), _("Cancel connection"), NULL);
 353                 g_free(err_msg);
 354
 355                 switch (val) {
 356                         case G_ALERTALTERNATE:
 357                                 ssl_certificate_destroy(current_cert);
 358                                 ssl_certificate_destroy(known_cert);
 359                                 return FALSE;
 360                         default:
 361                                 ssl_certificate_save(current_cert);
 362                                 ssl_certificate_destroy(current_cert);
 363                                 ssl_certificate_destroy(known_cert);
 364                                 return TRUE;
 365                 }
 366         }
 367
 368         ssl_certificate_destroy(current_cert);
 369         ssl_certificate_destroy(known_cert);
 370         return TRUE;
 371 }
 372
 373 #endif /* USE_SSL */