X-Git-Url: http://git.claws-mail.org/?p=claws.git;a=blobdiff_plain;f=src%2Fetpan%2Fnntp-thread.c;h=84a2f83d761b4527174805cec6047526bb06caf0;hp=0aa67c19f0bec07ad39a09ebadda206c4fc58792;hb=b0c17cd08e482dbda407dabdc952dfcf5d8fdb6e;hpb=7171e2ab9565100e89086fc9c1fab58650e1db15 diff --git a/src/etpan/nntp-thread.c b/src/etpan/nntp-thread.c index 0aa67c19f..84a2f83d7 100644 --- a/src/etpan/nntp-thread.c +++ b/src/etpan/nntp-thread.c @@ -1,6 +1,6 @@ /* * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client - * Copyright (C) 2005-2011 DINH Viet Hoa and the Claws Mail team + * Copyright (C) 2005-2012 DINH Viet Hoa and the Claws Mail team * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -19,10 +19,13 @@ #ifdef HAVE_CONFIG_H # include "config.h" +#include "claws-features.h" #endif #ifdef HAVE_LIBETPAN +#include +#include #include "nntp-thread.h" #include "news.h" #include @@ -38,11 +41,14 @@ #include #include #include "etpan-thread-manager.h" +#include "etpan-ssl.h" #include "utils.h" #include "mainwindow.h" #include "ssl_certificate.h" #include "socket.h" #include "remotefolder.h" +#include "main.h" +#include "account.h" #define DISABLE_LOG_DURING_LOGIN @@ -93,12 +99,9 @@ static void nntp_logger(int direction, const char * str, size_t size) static void delete_nntp(Folder *folder, newsnntp *nntp) { chashdatum key; - chashdatum value; key.data = &folder; key.len = sizeof(folder); - value.data = nntp; - value.len = 0; chash_delete(session_hash, &key, NULL); key.data = &nntp; @@ -158,6 +161,7 @@ void nntp_main_init(gboolean skip_ssl_cert_check) void nntp_main_done(gboolean have_connectivity) { + nntp_disconnect_all(have_connectivity); etpan_thread_manager_stop(thread_manager); #if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) return; 
@@ -370,111 +374,6 @@ int nntp_threaded_connect(Folder * folder, const char * server, int port) return result.error; } -static int etpan_certificate_check(const unsigned char *certificate, int len, void *data) -{ -#ifdef USE_OPENSSL - struct connect_param *param = (struct connect_param *)data; - X509 *cert = NULL; - - if (certificate == NULL || len < 0) { - g_warning("no cert presented.\n"); - return 0; - } - cert = d2i_X509(NULL, (const unsigned char **)&certificate, len); - if (cert == NULL) { - g_warning("nntp: can't get cert\n"); - return 0; - } else if (ssl_certificate_check(cert, NULL, - (gchar *)param->server, (gushort)param->port) == TRUE) { - X509_free(cert); - return 0; - } else { - X509_free(cert); - return -1; - } -#elif USE_GNUTLS - struct connect_param *param = (struct connect_param *)data; - gnutls_x509_crt cert = NULL; - gnutls_datum tmp; - - if (certificate == NULL || len < 0) { - g_warning("no cert presented.\n"); - return 0; - } - - tmp.data = malloc(len); - memcpy(tmp.data, certificate, len); - tmp.size = len; - gnutls_x509_crt_init(&cert); - if (gnutls_x509_crt_import(cert, &tmp, GNUTLS_X509_FMT_DER) < 0) { - g_warning("nntp: can't get cert\n"); - return 0; - } else if (ssl_certificate_check(cert, (guint)-1, NULL, - (gchar *)param->server, (gushort)param->port) == TRUE) { - gnutls_x509_crt_deinit(cert); - return 0; - } else { - gnutls_x509_crt_deinit(cert); - return -1; - } -#endif - return 0; -} - -static void connect_ssl_context_cb(struct mailstream_ssl_context * ssl_context, void * data) -{ -#if (defined(USE_OPENSSL) || defined(USE_GNUTLS)) - PrefsAccount *account = (PrefsAccount *)data; - const gchar *cert_path = NULL; - const gchar *password = NULL; -#ifdef USE_OPENSSL - X509 *x509 = NULL; - EVP_PKEY *pkey = NULL; -#else - gnutls_x509_crt x509 = NULL; - gnutls_x509_privkey pkey = NULL; -#endif - - if (account->in_ssl_client_cert_file && *account->in_ssl_client_cert_file) - cert_path = account->in_ssl_client_cert_file; - if 
(account->in_ssl_client_cert_pass && *account->in_ssl_client_cert_pass) - password = account->in_ssl_client_cert_pass; - - if (mailstream_ssl_set_client_certificate_data(ssl_context, NULL, 0) < 0 || - mailstream_ssl_set_client_private_key_data(ssl_context, NULL, 0) < 0) - debug_print("Impossible to set the client certificate.\n"); - x509 = ssl_certificate_get_x509_from_pem_file(cert_path); - pkey = ssl_certificate_get_pkey_from_pem_file(cert_path); - if (!(x509 && pkey)) { - /* try pkcs12 format */ - ssl_certificate_get_x509_and_pkey_from_p12_file(cert_path, password, &x509, &pkey); - } - if (x509 && pkey) { - unsigned char *x509_der = NULL, *pkey_der = NULL; - size_t x509_len, pkey_len; - -#ifndef USE_GNUTLS - x509_len = (size_t)i2d_X509(x509, &x509_der); - pkey_len = (size_t)i2d_PrivateKey(pkey, &pkey_der); -#else - x509_len = (size_t)gnutls_i2d_X509(x509, &x509_der); - pkey_len = (size_t)gnutls_i2d_PrivateKey(pkey, &pkey_der); -#endif - if (x509_len > 0 && pkey_len > 0) { - if (mailstream_ssl_set_client_certificate_data(ssl_context, x509_der, x509_len) < 0 || - mailstream_ssl_set_client_private_key_data(ssl_context, pkey_der, pkey_len) < 0) - log_error(LOG_PROTOCOL, "Impossible to set the client certificate.\n"); - g_free(x509_der); - g_free(pkey_der); - } -#ifdef USE_GNUTLS - gnutls_x509_crt_deinit(x509); - gnutls_x509_privkey_deinit(pkey); -#endif - } -#endif -} - static void connect_ssl_run(struct etpan_thread_op * op) { int r; @@ -488,7 +387,7 @@ static void connect_ssl_run(struct etpan_thread_op * op) r = newsnntp_ssl_connect_with_callback(param->nntp, param->server, param->port, - connect_ssl_context_cb, param->account); + etpan_connect_ssl_context_cb, param->account); result->error = r; } @@ -499,8 +398,6 @@ int nntp_threaded_connect_ssl(Folder * folder, const char * server, int port) chashdatum key; chashdatum value; newsnntp * nntp, * oldnntp; - unsigned char *certificate = NULL; - int cert_len; oldnntp = get_nntp(folder); 
@@ -526,11 +423,8 @@ int nntp_threaded_connect_ssl(Folder * folder, const char * server, int port) threaded_run(folder, ¶m, &result, connect_ssl_run); if (result.error == NEWSNNTP_NO_ERROR && !etpan_skip_ssl_cert_check) { - cert_len = (int)mailstream_ssl_get_certificate(nntp->nntp_stream, &certificate); - if (etpan_certificate_check(certificate, cert_len, ¶m) < 0) + if (etpan_certificate_check(nntp->nntp_stream, server, port) < 0) return -1; - if (certificate) - free(certificate); } debug_print("connect %d with nntp %p\n", result.error, nntp); @@ -592,15 +486,11 @@ static void login_run(struct etpan_thread_op * op) mailstream_debug = 0; #endif - r = newsnntp_mode_reader(param->nntp); - if (r == NEWSNNTP_NO_ERROR || - r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_USERNAME || - r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_PASSWORD) { - r = newsnntp_authinfo_username(param->nntp, param->login); - if (r == NEWSNNTP_NO_ERROR || - r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_PASSWORD) { - r = newsnntp_authinfo_password(param->nntp, param->password); - } + r = newsnntp_authinfo_username(param->nntp, param->login); + /* libetpan returning NO_ERROR means it received resp.code 281: + in this case auth. is already successful, no password is needed. */ + if (r == NEWSNNTP_WARNING_REQUEST_AUTHORIZATION_PASSWORD) { + r = newsnntp_authinfo_password(param->nntp, param->password); } @@ -807,7 +697,7 @@ int nntp_threaded_article(Folder * folder, guint32 num, char **contents, size_t threaded_run(folder, ¶m, &result, article_run); - debug_print("nntp post - end\n"); + debug_print("nntp article - end\n"); return result.error; } @@ -1004,6 +894,11 @@ int nntp_threaded_xhdr(Folder * folder, const char *header, guint32 beg, guint32 return result.error; } +void nntp_main_set_timeout(int sec) +{ + mailstream_network_delay.tv_sec = sec; + mailstream_network_delay.tv_usec = 0; +} #else
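Review bot: In nntp_threaded_connect_ssl the rejected-certificate branch, `if (etpan_certificate_check(nntp->nntp_stream, server, port) < 0) return -1;`, returns while the TLS connection that connect_ssl_run just established is still open; nothing visible in the hunk closes it or drops `nntp` from the session table. If the caller does not tear the session down on -1, a later command for this folder could reuse a stream whose certificate was refused. That is presumably handled upstream, but it is worth confirming, or calling the file's own `delete_nntp(folder, nntp);` before the return if that helper also closes the stream. The -1 is also not a NEWSNNTP_* code, unlike the `return result.error;` path, so a comment such as `/* certificate rejected: not a libetpan error code */` would help callers that compare against libetpan constants. The function begins outside the hunk, so the registration of `nntp` is not visible here.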
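Review bot: nntp_main_set_timeout stores `sec` into `mailstream_network_delay.tv_sec` with no range check, so a zero or negative value from a preference or caller is written straight into the timeval. That variable is libetpan's library-wide network delay rather than anything NNTP-specific, so the setter presumably changes the timeout for every libetpan stream in the process. A comment would make that explicit, e.g. `/* Sets libetpan's global network timeout in seconds; affects all mailstream users, not only NNTP. */`. A guard such as `if (sec <= 0) return;` at the top would keep a bad setting from breaking network waits, assuming no caller needs to pass 0.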