/*
* Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
- * Copyright (C) 2005-2011 DINH Viet Hoa and the Claws Mail team
+ * Copyright (C) 2005-2012 DINH Viet Hoa and the Claws Mail team
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
#ifdef HAVE_CONFIG_H
# include "config.h"
+#include "claws-features.h"
#endif
#ifdef HAVE_LIBETPAN
+#include <glib.h>
+#include <glib/gi18n.h>
#include "nntp-thread.h"
#include "news.h"
#include <sys/types.h>
#include <gtk/gtk.h>
#include <log.h>
#include "etpan-thread-manager.h"
+#include "etpan-ssl.h"
#include "utils.h"
#include "mainwindow.h"
#include "ssl_certificate.h"
#include "socket.h"
#include "remotefolder.h"
+#include "main.h"
+#include "account.h"
#define DISABLE_LOG_DURING_LOGIN
static void delete_nntp(Folder *folder, newsnntp *nntp)
{
chashdatum key;
- chashdatum value;
key.data = &folder;
key.len = sizeof(folder);
- value.data = nntp;
- value.len = 0;
chash_delete(session_hash, &key, NULL);
key.data = &nntp;
void nntp_main_done(gboolean have_connectivity)
{
+ nntp_disconnect_all(have_connectivity);
etpan_thread_manager_stop(thread_manager);
#if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__)
return;
return result.error;
}
-static int etpan_certificate_check(const unsigned char *certificate, int len, void *data)
-{
-#ifdef USE_OPENSSL
- struct connect_param *param = (struct connect_param *)data;
- X509 *cert = NULL;
-
- if (certificate == NULL || len < 0) {
- g_warning("no cert presented.\n");
- return 0;
- }
- cert = d2i_X509(NULL, (const unsigned char **)&certificate, len);
- if (cert == NULL) {
- g_warning("nntp: can't get cert\n");
- return 0;
- } else if (ssl_certificate_check(cert, NULL,
- (gchar *)param->server, (gushort)param->port) == TRUE) {
- X509_free(cert);
- return 0;
- } else {
- X509_free(cert);
- return -1;
- }
-#elif USE_GNUTLS
- struct connect_param *param = (struct connect_param *)data;
- gnutls_x509_crt cert = NULL;
- gnutls_datum tmp;
-
- if (certificate == NULL || len < 0) {
- g_warning("no cert presented.\n");
- return 0;
- }
-
- tmp.data = malloc(len);
- memcpy(tmp.data, certificate, len);
- tmp.size = len;
- gnutls_x509_crt_init(&cert);
- if (gnutls_x509_crt_import(cert, &tmp, GNUTLS_X509_FMT_DER) < 0) {
- g_warning("nntp: can't get cert\n");
- return 0;
- } else if (ssl_certificate_check(cert, (guint)-1, NULL,
- (gchar *)param->server, (gushort)param->port) == TRUE) {
- gnutls_x509_crt_deinit(cert);
- return 0;
- } else {
- gnutls_x509_crt_deinit(cert);
- return -1;
- }
-#endif
- return 0;
-}
-
-static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, void * data)
-{
-#if (defined(USE_OPENSSL) || defined(USE_GNUTLS))
- PrefsAccount *account = (PrefsAccount *)data;
- const gchar *cert_path = NULL;
- const gchar *password = NULL;
-#ifdef USE_OPENSSL
- X509 *x509 = NULL;
- EVP_PKEY *pkey = NULL;
-#else
- gnutls_x509_crt x509 = NULL;
- gnutls_x509_privkey pkey = NULL;
-#endif
-
- if (account->in_ssl_client_cert_file && *account->in_ssl_client_cert_file)
- cert_path = account->in_ssl_client_cert_file;
- if (account->in_ssl_client_cert_pass && *account->in_ssl_client_cert_pass)
- password = account->in_ssl_client_cert_pass;
-
- if (mailstream_ssl_set_client_certificate_data(ssl_context, NULL, 0) < 0 ||
- mailstream_ssl_set_client_private_key_data(ssl_context, NULL, 0) < 0)
- debug_print("Impossible to set the client certificate.\n");
- x509 = ssl_certificate_get_x509_from_pem_file(cert_path);
- pkey = ssl_certificate_get_pkey_from_pem_file(cert_path);
- if (!(x509 && pkey)) {
- /* try pkcs12 format */
- ssl_certificate_get_x509_and_pkey_from_p12_file(cert_path, password, &x509, &pkey);
- }
- if (x509 && pkey) {
- unsigned char *x509_der = NULL, *pkey_der = NULL;
- size_t x509_len, pkey_len;
-
-#ifndef USE_GNUTLS
- x509_len = (size_t)i2d_X509(x509, &x509_der);
- pkey_len = (size_t)i2d_PrivateKey(pkey, &pkey_der);
-#else
- x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der);
- pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der);
-#endif
- if (x509_len > 0 && pkey_len > 0) {
- if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 ||
- mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0)
- log_error(LOG_PROTOCOL, "Impossible to set the client certificate.\n");
- g_free(x509_der);
- g_free(pkey_der);
- }
-#ifdef USE_GNUTLS
- gnutls_x509_crt_deinit(x509);
- gnutls_x509_privkey_deinit(pkey);
-#endif
- }
-#endif
-}
-
static void connect_ssl_run(struct etpan_thread_op * op)
{
int r;
r = newsnntp_ssl_connect_with_callback(param->nntp,
param->server, param->port,
- connect_ssl_context_cb, param->account);
+ etpan_connect_ssl_context_cb, param->account);
result->error = r;
}
chashdatum key;
chashdatum value;
newsnntp * nntp, * oldnntp;
- unsigned char *certificate = NULL;
- int cert_len;
oldnntp = get_nntp(folder);
threaded_run(folder, ¶m, &result, connect_ssl_run);
if (result.error == NEWSNNTP_NO_ERROR && !etpan_skip_ssl_cert_check) {
- cert_len = (int)mailstream_ssl_get_certificate(nntp->nntp_stream, &certificate);
- if (etpan_certificate_check(certificate, cert_len, ¶m) < 0)
+ if (etpan_certificate_check(nntp->nntp_stream, server, port) < 0)
return -1;
- if (certificate)
- free(certificate);
}
debug_print("connect %d with nntp %p\n", result.error, nntp);
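Review bot: The call site `if (etpan_certificate_check(nntp->nntp_stream, server, port) < 0)` treats every non-negative return as acceptance, and the helper this commit removes returned 0 both when no certificate was presented and when the DER could not be parsed. The replacement behind `etpan-ssl.h` is not in this diff, so it should be confirmed that it returns -1 for those two cases rather than carrying the fail-open branches over. The failure path also returns a bare `-1` where the other exits return `result.error`, and the hunk does not show the stream being closed first, so the caller should be checked to tear the session down before any login is attempted. The enclosing function starts and ends outside the hunk.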
mailstream_debug = 0;
#endif
- r = newsnntp_mode_reader(param->nntp);
- if (r == NEWSNNTP_NO_ERROR) {
- r = newsnntp_authinfo_username(param->nntp, param->login);
- if (r == NEWSNNTP_NO_ERROR ||
- r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_PASSWORD) {
- r = newsnntp_authinfo_password(param->nntp, param->password);
- }
+ r = newsnntp_authinfo_username(param->nntp, param->login);
+ /* libetpan returning NO_ERROR means it received resp.code 281:
+ in this case auth. is already successful, no password is needed. */
+ if (r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_PASSWORD) {
+ r = newsnntp_authinfo_password(param->nntp, param->password);
}
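Review bot: With `newsnntp_mode_reader` dropped from this path, nothing in the hunk issues MODE READER before `newsnntp_authinfo_username`, so the call has presumably moved elsewhere. It is worth confirming that it still runs on every connection and that its failure is still reported, since this function no longer does so. The new comment could also state the consequence, e.g. `/* NO_ERROR (281): already authenticated, password is never sent; any other code is returned as the login error */`. The function begins and ends outside the hunk.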
threaded_run(folder, ¶m, &result, article_run);
- debug_print("nntp post - end\n");
+ debug_print("nntp article - end\n");
return result.error;
}
return result.error;
}
+void nntp_main_set_timeout(int sec)
+{
+ mailstream_network_delay.tv_sec = sec;
+ mailstream_network_delay.tv_usec = 0;
+}
#else
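Review bot: `nntp_main_set_timeout` writes `sec` into `mailstream_network_delay.tv_sec` unchecked, so a negative value from a preference or a caller becomes the network timeout. A guard such as `if (sec < 0) return;` (or clamping to a sane minimum) would avoid that. `mailstream_network_delay` appears to be a libetpan global rather than NNTP-only state, so a short comment would help, e.g. `/* sets libetpan's global network timeout, not only NNTP's */`.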