#include "socket.h"
#include "hooks.h"
#include "defs.h"
+#include "file-utils.h"
static GHashTable *warned_expired = NULL;
static gchar *get_certificate_path(const gchar *host, const gchar *port, const gchar *fp)
{
- if (fp != NULL && prefs_common_unsafe_ssl_certs())
- return g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
- "certs", G_DIR_SEPARATOR_S,
- host, ".", port, ".", fp, ".cert", NULL);
- else
- return g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
- "certs", G_DIR_SEPARATOR_S,
- host, ".", port, ".cert", NULL);
+ gchar *ret;
+ gchar *filename;
+
+ if (fp != NULL && prefs_common_unsafe_ssl_certs()) {
+ filename = g_strconcat(host, ".", port, ".", fp, ".cert", NULL);
+ } else {
+ filename = g_strconcat(host, ".", port, ".cert", NULL);
+ }
+ subst_for_filename(filename);
+
+ ret = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
+ "certs", G_DIR_SEPARATOR_S,
+ filename, NULL);
+
+ g_free(filename);
+ return ret;
}
static gchar *get_certificate_chain_path(const gchar *host, const gchar *port, const gchar *fp)
int r;
if ((r = gnutls_x509_crt_export(x509_cert, format, output, &cert_size)) < 0) {
- g_warning("couldn't export cert %s (%zd)", gnutls_strerror(r), cert_size);
+ g_warning("couldn't export cert %s (%"G_GSIZE_FORMAT")", gnutls_strerror(r), cert_size);
return;
}
-
+#ifdef G_OS_WIN32
+ debug_print("writing %Iu bytes\n",cert_size);
+#else
debug_print("writing %zd bytes\n",cert_size);
- if (fwrite(&output, 1, cert_size, fp) < cert_size) {
+#endif
+ if (claws_fwrite(&output, 1, cert_size, fp) < cert_size) {
g_warning("failed to write cert: %d %s", errno, g_strerror(errno));
}
}
*output = malloc(cert_size);
if ((r = gnutls_x509_crt_export(x509_cert, GNUTLS_X509_FMT_DER, *output, &cert_size)) < 0) {
- g_warning("couldn't export cert %s (%zd)", gnutls_strerror(r), cert_size);
+ g_warning("couldn't export cert %s (%"G_GSIZE_FORMAT")", gnutls_strerror(r), cert_size);
free(*output);
*output = NULL;
return 0;
*output = malloc(key_size);
if ((r = gnutls_x509_privkey_export(pkey, GNUTLS_X509_FMT_DER, *output, &key_size)) < 0) {
- g_warning("couldn't export key %s (%zd)", gnutls_strerror(r), key_size);
+ g_warning("couldn't export key %s (%"G_GSIZE_FORMAT")", gnutls_strerror(r), key_size);
free(*output);
*output = NULL;
return 0;
tmp.data = malloc(s.st_size);
memset(tmp.data, 0, s.st_size);
tmp.size = s.st_size;
- if (fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
- perror("fread");
+ if (claws_fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
+ perror("claws_fread");
free(tmp.data);
free(crt_list);
return -EIO;
tmp.data = malloc(s.st_size);
memset(tmp.data, 0, s.st_size);
tmp.size = s.st_size;
- if (fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
- perror("fread");
+ if (claws_fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
+ perror("claws_fread");
free(tmp.data);
return NULL;
}
tmp.data = malloc(s.st_size);
memset(tmp.data, 0, s.st_size);
tmp.size = s.st_size;
- if (fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
+ if (claws_fread (tmp.data, 1, s.st_size, fp) < s.st_size) {
log_error(LOG_PROTOCOL, _("Cannot read P12 certificate file (%s)\n"),
g_strerror(errno));
free(tmp.data);
file = get_certificate_path(cert->host, port, cert->fingerprint);
g_free(port);
- fp = g_fopen(file, "wb");
+ fp = claws_fopen(file, "wb");
if (fp == NULL) {
g_free(file);
debug_print("Can't save certificate !\n");
gnutls_export_X509_fp(fp, cert->x509_cert, GNUTLS_X509_FMT_DER);
g_free(file);
- fclose(fp);
+ claws_safe_fclose(fp);
}
if (fingerprint != NULL) {
file = get_certificate_path(host, buf, fingerprint);
- fp = g_fopen(file, "rb");
+ fp = claws_fopen(file, "rb");
}
if (fp == NULL) {
/* see if we have the old one */
debug_print("didn't get %s\n", file);
g_free(file);
file = get_certificate_path(host, buf, NULL);
- fp = g_fopen(file, "rb");
+ fp = claws_fopen(file, "rb");
if (fp) {
debug_print("got %s\n", file);
gnutls_x509_crt_deinit(tmp_x509);
}
- fclose(fp);
+ claws_fclose(fp);
g_free(file);
if (must_rename) {
return FALSE;
}
if (cert_size_a != cert_size_b) {
- g_warning("size differ %zd %zd", cert_size_a, cert_size_b);
+ g_warning("size differ %"G_GSIZE_FORMAT" %"G_GSIZE_FORMAT, cert_size_a, cert_size_b);
g_free(output_a);
g_free(output_b);
return FALSE;
FILE *fp;
if (claws_ssl_get_cert_file())
- fp = g_fopen(claws_ssl_get_cert_file(), "r");
+ fp = claws_fopen(claws_ssl_get_cert_file(), "r");
else
return (guint)-1;
if ((r = gnutls_import_X509_list_fp(fp, GNUTLS_X509_FMT_PEM, &ca_list, &max_ca)) < 0) {
debug_print("CA import failed: %s\n", gnutls_strerror(r));
- fclose(fp);
+ claws_fclose(fp);
return (guint)-1;
}
- fclose(fp);
+ claws_fclose(fp);
fp = NULL;
buf = g_strdup_printf("%d", cert->port);
g_free(buf);
if (is_file_exist(chain_file)) {
unsigned char md[128];
- size_t n;
+ size_t n = 128;
char *fingerprint;
- fp = g_fopen(chain_file, "r");
+ fp = claws_fopen(chain_file, "r");
if (fp == NULL) {
- debug_print("fopen %s failed: %s\n", chain_file, g_strerror(errno));
+ debug_print("claws_fopen %s failed: %s\n", chain_file, g_strerror(errno));
g_free(chain_file);
return (guint)-1;
}
if ((r = gnutls_import_X509_list_fp(fp, GNUTLS_X509_FMT_PEM, &chain, &max_certs)) < 0) {
debug_print("chain import failed: %s\n", gnutls_strerror(r));
- fclose(fp);
+ claws_fclose(fp);
g_free(chain_file);
return (guint)-1;
}
g_free(chain_file);
- fclose(fp);
+ claws_fclose(fp);
fp = NULL;
gnutls_x509_crt_get_fingerprint(chain[0], GNUTLS_DIG_MD5, md, &n);
g_free(buf);
- fp = g_fopen(file, "wb");
+ fp = claws_fopen(file, "wb");
if (fp == NULL) {
g_free(file);
debug_print("Can't save certificate !\n");
}
if (fp)
- fclose(fp);
+ claws_safe_fclose(fp);
}
gboolean ssl_certificate_check (gnutls_x509_crt_t x509_cert, guint status,
gint status;
if (claws_ssl_get_cert_file()) {
- FILE *fp = g_fopen(claws_ssl_get_cert_file(), "rb");
+ FILE *fp = claws_fopen(claws_ssl_get_cert_file(), "rb");
int r = -errno;
if (fp) {
r = gnutls_import_X509_list_fp(fp, GNUTLS_X509_FMT_PEM, &cas, &ncas);
- fclose(fp);
+ claws_fclose(fp);
}
if (r < 0)
return NULL;
if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
+ FILE *fp = claws_fopen(file, "r");
if (fp) {
x509 = gnutls_import_X509_fp(fp, GNUTLS_X509_FMT_PEM);
- fclose(fp);
+ claws_fclose(fp);
return x509;
} else {
log_error(LOG_PROTOCOL, _("Cannot open certificate file %s: %s\n"),
return NULL;
if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
+ FILE *fp = claws_fopen(file, "r");
if (fp) {
key = gnutls_import_key_fp(fp, GNUTLS_X509_FMT_PEM);
- fclose(fp);
+ claws_fclose(fp);
return key;
} else {
log_error(LOG_PROTOCOL, _("Cannot open key file %s (%s)\n"),
return;
if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
+ FILE *fp = claws_fopen(file, "r");
if (fp) {
p12 = gnutls_import_PKCS12_fp(fp, GNUTLS_X509_FMT_DER);
- fclose(fp);
+ claws_fclose(fp);
if (!p12) {
log_error(LOG_PROTOCOL, _("Failed to read P12 certificate file %s\n"), file);
}
projects / claws.git / blobdiff