hook for certificate acception
authorColin Leroy <colin@colino.net>
Mon, 9 Dec 2002 08:54:56 +0000 (08:54 +0000)
committerColin Leroy <colin@colino.net>
Mon, 9 Dec 2002 08:54:56 +0000 (08:54 +0000)
ChangeLog.claws
configure.in
src/common/ssl.c
src/gtk/sslcertwindow.c
src/gtk/sslcertwindow.h
src/mainwindow.c
src/ssl_certificate.c
src/ssl_certificate.h

index 2b872b8f8987059af3b647a5052bb777651472b9..56166e825b3cbbeec6539f04dd6b07cde8d56487 100644 (file)
@@ -1,3 +1,14 @@
+2002-12-09 [colin]     0.8.6claws83
+
+       * src/gtk/sslcertwindow.[ch]
+               Implement hook for certificate acception
+       * src/ssl_certificate.[ch]
+               Implement hook for certificate acception
+       * src/common/ssl.c
+               Reenable certificate acception check
+       * src/mainwindow.c
+               Register sslcertwindow's hook
+       
 2002-12-08 [christoph] 0.8.6claws82
 
        * src/about.c
index e2b3410e27f9fffdcbd4d31876ea483db5eed9ff..5bb93150f501c5688963d7b8d6d2c9a5092208e1 100644 (file)
@@ -11,7 +11,7 @@ MINOR_VERSION=8
 MICRO_VERSION=6
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=claws82
+EXTRA_VERSION=claws83
 VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION
 
 dnl set $target
index c93e4b79ae84370e83338ebce82246869869f2c1..ed639a04c2ecb4d39b2068253d074ab7007b6af8 100644 (file)
@@ -109,17 +109,12 @@ gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
                return FALSE;
        }
 
-/*     FIXME
-
-       gui independant certificate check and callback for
-       gui for user accepted certificates
-       
        if (!ssl_certificate_check(server_cert, sockinfo->hostname, sockinfo->port)) {
                X509_free(server_cert);
                SSL_free(ssl);
                return FALSE;
        }
-*/
+
        X509_free(server_cert);
        sockinfo->ssl = ssl;
 
index d7d2d17d362410f15fc2676c47005cc37711d336..f56f82095131b61f2c93e631b63dd7e3ed3a0b5f 100644 (file)
@@ -199,6 +199,25 @@ GtkWidget *cert_presenter(SSLCertificate *cert)
        return vbox;
 }
 
+static gboolean sslcert_ask_hook(gpointer source, gpointer data)
+{
+       SSLCertHookData *hookdata = (SSLCertHookData *)source;
+       if (hookdata == NULL) {
+               return FALSE;
+       }
+       if (hookdata->old_cert == NULL)
+               hookdata->accept = sslcertwindow_ask_new_cert(hookdata->cert);
+       else
+               hookdata->accept = sslcertwindow_ask_changed_cert(hookdata->old_cert, hookdata->cert);
+
+       return TRUE;
+}
+
+void sslcertwindow_register_hook(void)
+{
+       hooks_register_hook(SSLCERT_ASK_HOOKLIST, sslcert_ask_hook, NULL);
+}
+
 void sslcertwindow_show_cert(SSLCertificate *cert)
 {
        GtkWidget *cert_widget = cert_presenter(cert);
index a1fbdf42716e3c14ab2c9d9dd9c2311cb8768755..0b0914add8c62a74b32281f16761c4512a06d4f3 100644 (file)
@@ -34,6 +34,7 @@
 
 GtkWidget *cert_presenter(SSLCertificate *cert);
 void sslcertwindow_show_cert(SSLCertificate *cert);
+void sslcertwindow_register_hook(void);
 gboolean sslcertwindow_ask_new_cert(SSLCertificate *cert);
 gboolean sslcertwindow_ask_changed_cert(SSLCertificate *old_cert, SSLCertificate *new_cert);
 
index d6fb53558f3e343088d8f9dadd370bcccdd6586f..6677d7b6245c1870af78102cd7dab2d9f8b7fc11 100644 (file)
@@ -83,6 +83,7 @@
 #include "version.h"
 #include "selective_download.h"
 #include "ssl_manager.h"
+#include "sslcertwindow.h"
 
 #define AC_LABEL_WIDTH 240
 
@@ -1103,7 +1104,9 @@ MainWindow *main_window_create(SeparateType type)
        summary_init(summaryview);
        messageview_init(messageview);
        log_window_init(mainwin->logwin);
-
+#ifdef USE_OPENSSL
+       sslcertwindow_register_hook();
+#endif
        mainwin->lock_count = 0;
        mainwin->menu_lock_count = 0;
        mainwin->cursor_count = 0;
index a3676ce140b0ef7fd47382e25ca852e967308243..194e4e193cf537f5120abe6772fb147fb7d53302 100644 (file)
 #include <openssl/ssl.h>
 #include <glib.h>
 #include "ssl_certificate.h"
-#include "sslcertwindow.h"
 #include "utils.h"
 #include "intl.h"
 #include "log.h"
 #include "socket.h"
+#include "hooks.h"
 
 static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup);
 
@@ -335,7 +335,8 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 {
        SSLCertificate *current_cert = ssl_certificate_new(x509_cert, host, port);
        SSLCertificate *known_cert;
-
+       SSLCertHookData cert_hook_data;
+       
        if (current_cert == NULL) {
                debug_print("Buggy certificate !\n");
                return FALSE;
@@ -381,11 +382,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
                        return FALSE;
                }
 #endif
-               /* FIXME: replace this with a hook, then uncomment the check in ssl.c */ 
-               val = sslcertwindow_ask_new_cert(current_cert);
+               cert_hook_data.cert = current_cert;
+               cert_hook_data.old_cert = NULL;
+               cert_hook_data.accept = FALSE;
+               
+               hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
+               
                g_free(err_msg);
 
-               if (!val) {
+               if (!cert_hook_data.accept) {
                        ssl_certificate_destroy(current_cert);
                        return FALSE;
                } else {
@@ -416,12 +421,15 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
                        return FALSE;
                }
 #endif
+               cert_hook_data.cert = current_cert;
+               cert_hook_data.old_cert = known_cert;
+               cert_hook_data.accept = FALSE;
+               
+               hooks_invoke(SSLCERT_ASK_HOOKLIST, &cert_hook_data);
                
-               /* FIXME: replace this with a hook, then uncomment the check in ssl.c */ 
-               val = sslcertwindow_ask_changed_cert(known_cert, current_cert);
                g_free(err_msg);
 
-               if (!val) {
+               if (!cert_hook_data.accept) {
                        ssl_certificate_destroy(current_cert);
                        ssl_certificate_destroy(known_cert);
                        return FALSE;
index 237807275d9795320c563a18598f0115de979af4..c85010a7fdd8df7af91cfc6c133f47d720327f01 100644 (file)
@@ -30,6 +30,8 @@
 #include <openssl/objects.h>
 #include <glib.h>
 
+#define SSLCERT_ASK_HOOKLIST "sslcert_ask"
+
 typedef struct _SSLCertificate SSLCertificate;
 
 struct _SSLCertificate
@@ -39,6 +41,15 @@ struct _SSLCertificate
        gushort port;
 };
 
+typedef struct _SSLCertHookData SSLCertHookData;
+
+struct _SSLCertHookData
+{
+       SSLCertificate *cert;
+       SSLCertificate *old_cert;
+       gboolean accept;
+};
+
 SSLCertificate *ssl_certificate_find (gchar *host, gushort port);
 SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, gboolean lookup);
 gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port);