drop redundant md5 fingerprint; more clearly indicate expired sigs
[claws.git] / src / gtk / sslcertwindow.c
index b03463f8e9cfd2672ed553ad4e1bbf4cb7f88f98..cb3ce4c460d9a9fca425e098b7efefc48e1bc4fc 100644 (file)
@@ -1,6 +1,6 @@
 /*
  * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
- * Copyright (C) 1999-2012 Colin Leroy <colin@colino.net> 
+ * Copyright (C) 1999-2016 Colin Leroy <colin@colino.net>
  * and the Claws Mail team
  *
  * This program is free software; you can redistribute it and/or modify
@@ -63,7 +63,7 @@ static GtkWidget *cert_presenter(SSLCertificate *cert)
        char *issuer_commonname, *issuer_location, *issuer_organization;
        char *subject_commonname, *subject_location, *subject_organization;
        char *sig_status, *exp_date;
-       char *md5_fingerprint, *sha1_fingerprint, *fingerprint;
+       char *sha1_fingerprint, *sha256_fingerprint, *fingerprint;
        size_t n;
        char buf[100];
        unsigned char md[128];  
@@ -144,17 +144,19 @@ static GtkWidget *cert_presenter(SSLCertificate *cert)
 
        /* fingerprint */
        n = 128;
-       gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_MD5, md, &n);
-       md5_fingerprint = readable_fingerprint(md, (int)n);
-       n = 128;
        gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_SHA1, md, &n);
        sha1_fingerprint = readable_fingerprint(md, (int)n);
+       gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_SHA256, md, &n);
+       sha256_fingerprint = readable_fingerprint(md, (int)n);
+
 
        /* signature */
-       sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
+       sig_status = ssl_certificate_check_signer(cert, cert->status);
 
        if (sig_status==NULL)
-               sig_status = g_strdup(_("Correct"));
+               sig_status = g_strdup_printf(_("Correct%s"),exp_time_t < time(NULL)? _(" (expired)"): "");
+       else if (exp_time_t < time(NULL))
+                         sig_status = g_strconcat(sig_status,_(" (expired)"),NULL);
 
        vbox = gtk_vbox_new(FALSE, 5);
        hbox = gtk_hbox_new(FALSE, 5);
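Review bot: The SHA256 call added here reuses `n` without resetting it, so it is handed the 20-byte length left behind by the SHA1 call as its buffer size. The removed lines included the `n = 128;` that used to sit between the two digest calls. Without it, gnutls_x509_crt_get_fingerprint should fail with a short-buffer error, and because its return value is not checked, readable_fingerprint() then formats whatever is in `md` (most likely the SHA1 bytes followed by uninitialised stack) as the SHA256 fingerprint a user may compare by hand. Add `n = sizeof(md);` before the SHA256 call and check both return codes before formatting. Separately, `sig_status = g_strconcat(sig_status, _(" (expired)"), NULL);` overwrites the string returned by ssl_certificate_check_signer without freeing it; cert_presenter's body starts and ends outside the hunk.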
@@ -218,8 +220,8 @@ static GtkWidget *cert_presenter(SSLCertificate *cert)
        label = gtk_label_new(_("Fingerprint: \n"));
        gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
        gtk_table_attach(status_table, label, 0, 1, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
-       fingerprint = g_strdup_printf("MD5: %s\nSHA1: %s", 
-                       md5_fingerprint, sha1_fingerprint);
+       fingerprint = g_strdup_printf("SHA1: %s\nSHA256: %s",
+                                     sha1_fingerprint, sha256_fingerprint);
        label = gtk_label_new(fingerprint);
        g_free(fingerprint);
        gtk_label_set_selectable(GTK_LABEL(label), TRUE);
@@ -232,7 +234,7 @@ static GtkWidget *cert_presenter(SSLCertificate *cert)
        gtk_label_set_selectable(GTK_LABEL(label), TRUE);
        gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
        gtk_table_attach(status_table, label, 1, 2, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
-       label = gtk_label_new(_("Expires on: "));
+       label = gtk_label_new(exp_time_t < time(NULL)? _("Expired on: "): _("Expires on: "));
        gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
        gtk_table_attach(status_table, label, 0, 1, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
        label = gtk_label_new(exp_date);
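Review bot: `exp_time_t < time(NULL)` is evaluated here and twice more in the signature block of the earlier hunk, each with its own `time(NULL)` call, so the label and the status text could in principle disagree across a second boundary. Computing it once, e.g. `gboolean expired = exp_time_t < time(NULL);` right after exp_time_t is set, keeps the three uses consistent and easier to read. How exp_time_t is obtained is outside the visible hunks; if it can hold an error value such as (time_t)-1, that case would be rendered as "Expired on: " and probably deserves its own wording.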
@@ -257,8 +259,8 @@ static GtkWidget *cert_presenter(SSLCertificate *cert)
        g_free(subject_commonname);
        g_free(subject_location);
        g_free(subject_organization);
-       g_free(md5_fingerprint);
        g_free(sha1_fingerprint);
+       g_free(sha256_fingerprint);
        g_free(sig_status);
        g_free(exp_date);
        return vbox;
@@ -299,9 +301,9 @@ void sslcertwindow_show_cert(SSLCertificate *cert)
        GtkWidget *cert_widget = cert_presenter(cert);
        gchar *buf;
        
-       buf = g_strdup_printf(_("SSL certificate for %s"), cert->host);
+       buf = g_strdup_printf(_("SSL/TLS certificate for %s"), cert->host);
        alertpanel_full(buf, NULL, GTK_STOCK_CLOSE, NULL, NULL,
-                       FALSE, cert_widget, ALERT_NOTICE, G_ALERTDEFAULT);
+                       ALERTFOCUS_FIRST, FALSE, cert_widget, ALERT_NOTICE);
        g_free(buf);
 }
 
@@ -343,7 +345,7 @@ static gboolean sslcertwindow_ask_new_cert(SSLCertificate *cert)
        gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
        g_free(buf);
        
-       sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
+       sig_status = ssl_certificate_check_signer(cert, cert->status);
        if (sig_status==NULL)
                sig_status = g_strdup(_("Correct"));
 
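Review bot: The "(expired)" marker that this commit adds in cert_presenter is not applied here, where the same NULL-to-`_("Correct")` fallback is repeated unchanged. The identical pattern also appears in the sslcertwindow_ask_expired_cert and sslcertwindow_ask_changed_cert hunks. How sig_status is displayed in these dialogs lies outside the hunks, but if it is shown next to the accept button, a certificate past its expiry would still read plain "Correct" at the point where the user decides whether to trust it. A small static helper that returns the status string with the expiry suffix already applied would keep all four call sites consistent.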
@@ -361,13 +363,13 @@ static gboolean sslcertwindow_ask_new_cert(SSLCertificate *cert)
        gtk_container_add(GTK_CONTAINER(button), cert_widget);
 
        if (!ssl_certificate_check_subject_cn(cert))
-               title = _("SSL certificate is invalid");
+               title = _("SSL/TLS certificate is invalid");
        else
-               title = _("SSL certificate is unknown");
+               title = _("SSL/TLS certificate is unknown");
 
        val = alertpanel_full(title, NULL,
                              _("_Cancel connection"), _("_Accept and save"), NULL,
-                             FALSE, vbox, ALERT_QUESTION, G_ALERTDEFAULT);
+                             ALERTFOCUS_FIRST, FALSE, vbox, ALERT_QUESTION);
        
        return (val == G_ALERTALTERNATE);
 }
@@ -392,7 +394,7 @@ static gboolean sslcertwindow_ask_expired_cert(SSLCertificate *cert)
        gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
        g_free(buf);
        
-       sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
+       sig_status = ssl_certificate_check_signer(cert, cert->status);
 
        if (sig_status==NULL)
                sig_status = g_strdup(_("Correct"));
@@ -411,13 +413,13 @@ static gboolean sslcertwindow_ask_expired_cert(SSLCertificate *cert)
        gtk_container_add(GTK_CONTAINER(button), cert_widget);
 
        if (!ssl_certificate_check_subject_cn(cert))
-               title = _("SSL certificate is invalid and expired");
+               title = _("SSL/TLS certificate is invalid and expired");
        else
-               title = _("SSL certificate is expired");
+               title = _("SSL/TLS certificate is expired");
 
        val = alertpanel_full(title, NULL,
                              _("_Cancel connection"), _("_Accept"), NULL,
-                             FALSE, vbox, ALERT_QUESTION, G_ALERTDEFAULT);
+                             ALERTFOCUS_FIRST, FALSE, vbox, ALERT_QUESTION);
        
        return (val == G_ALERTALTERNATE);
 }
@@ -456,7 +458,7 @@ static gboolean sslcertwindow_ask_changed_cert(SSLCertificate *old_cert, SSLCert
        gtk_box_pack_start(GTK_BOX(vbox2), label, TRUE, TRUE, 0);
        g_free(buf);
        
-       sig_status = ssl_certificate_check_signer(new_cert->x509_cert, new_cert->status);
+       sig_status = ssl_certificate_check_signer(new_cert, new_cert->status);
 
        if (sig_status==NULL)
                sig_status = g_strdup(_("Correct"));
@@ -474,12 +476,12 @@ static gboolean sslcertwindow_ask_changed_cert(SSLCertificate *old_cert, SSLCert
        gtk_container_add(GTK_CONTAINER(button), vbox);
 
        if (!ssl_certificate_check_subject_cn(new_cert))
-               title = _("SSL certificate changed and is invalid");
+               title = _("SSL/TLS certificate changed and is invalid");
        else
-               title = _("SSL certificate changed");
+               title = _("SSL/TLS certificate changed");
        val = alertpanel_full(title, NULL,
                              _("_Cancel connection"), _("_Accept and save"), NULL,
-                             FALSE, vbox2, ALERT_WARNING, G_ALERTDEFAULT);
+                             ALERTFOCUS_FIRST, FALSE, vbox2, ALERT_WARNING);
        
        return (val == G_ALERTALTERNATE);
 }