add SSL manager
authorColin Leroy <colin@colino.net>
Mon, 25 Nov 2002 15:21:47 +0000 (15:21 +0000)
committerColin Leroy <colin@colino.net>
Mon, 25 Nov 2002 15:21:47 +0000 (15:21 +0000)
ChangeLog.claws
configure.in
po/POTFILES.in
src/Makefile.am
src/mainwindow.c
src/prefs_common.c
src/prefs_common.h
src/ssl_certificate.c
src/ssl_certificate.h
src/ssl_manager.c [new file with mode: 0644]
src/ssl_manager.h [new file with mode: 0644]

index 6af1a07..4b28f19 100644 (file)
@@ -1,3 +1,23 @@
+2002-11-25 [colin]     0.8.6claws3
+
+       * src/ssl_certificate.[ch]
+               Allow checking a certificate without a DNS
+               lookup
+               Allow to forget a cert (by deleting it)
+               Make ssl_certificate_destroy_public
+       * src/ssl_manager.[ch] ** NEW FILES **
+               Gui to manage (display/remove) certificates
+       * src/prefs_common.[ch]
+               Add a pref to allow silent acceptation of
+               trusted certificates or not (based on the
+               "I want to know what's going on" principle)
+       * src/mainwindow.c
+               Add SSL manager in Tools menu
+       * src/Makefile.am
+               Add the new files to the build
+       * po/POTFILES.in
+               Add ssl_manager.c to translations
+
 2002-11-25 [colin]     0.8.6claws2
 
        * src/summaryview.[ch]
index 9ddfba7..0173091 100644 (file)
@@ -11,7 +11,7 @@ MINOR_VERSION=8
 MICRO_VERSION=6
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=claws2
+EXTRA_VERSION=claws3
 VERSION=$MAJOR_VERSION.$MINOR_VERSION.$MICRO_VERSION$EXTRA_VERSION
 
 dnl set $target
index 77156fd..5976741 100644 (file)
@@ -95,6 +95,7 @@ src/socket.c
 src/sourcewindow.c
 src/ssl.c
 src/ssl_certificate.c
+src/ssl_manager.c
 src/statusbar.c
 src/string_match.c
 src/summary_search.c
index 5598a02..5453e18 100644 (file)
@@ -94,6 +94,7 @@ sylpheed_SOURCES = \
        socket.c socket.h \
        ssl.c ssl.h \
        ssl_certificate.c ssl_certificate.h \
+       ssl_manager.c ssl_manager.h \
        automaton.c automaton.h \
        session.c session.h \
        smtp.c smtp.h \
index defd40a..08b78ed 100644 (file)
@@ -82,7 +82,7 @@
 #include "manual.h"
 #include "version.h"
 #include "selective_download.h"
-
+#include "ssl_manager.h"
 
 #define AC_LABEL_WIDTH 240
 
@@ -466,10 +466,14 @@ static void prefs_account_open_cb (MainWindow     *mainwin,
 static void prefs_scoring_open_cb      (MainWindow     *mainwin,
                                         guint           action,
                                         GtkWidget      *widget);
-static void prefs_filtering_open_cb (MainWindow        *mainwin,
+static void prefs_filtering_open_cb    (MainWindow     *mainwin,
                                         guint           action,
                                         GtkWidget      *widget);
-
+#ifdef USE_SSL
+static void ssl_manager_open_cb        (MainWindow     *mainwin,
+                                        guint           action,
+                                        GtkWidget      *widget);
+#endif
 static void new_account_cb      (MainWindow    *mainwin,
                                  guint          action,
                                  GtkWidget     *widget);
@@ -765,6 +769,11 @@ static GtkItemFactoryEntry mainwin_entries[] =
                                                NULL, delete_duplicated_cb,   0, NULL},
        {N_("/_Tools/---"),                     NULL, NULL, 0, "<Separator>"},
        {N_("/_Tools/E_xecute"),                "X", execute_summary_cb, 0, NULL},
+#ifdef USE_SSL
+       {N_("/_Tools/---"),                     NULL, NULL, 0, "<Separator>"},
+       {N_("/_Tools/SSL certi_ficates..."),    
+                                               NULL, ssl_manager_open_cb, 0, NULL},
+#endif
        {N_("/_Tools/---"),                     NULL, NULL, 0, "<Separator>"},
        {N_("/_Tools/_Log window"),             "<shift><control>L", log_window_show_cb, 0, NULL},
 
@@ -3487,7 +3496,13 @@ static void prefs_actions_open_cb(MainWindow *mainwin, guint action,
 {
        prefs_actions_open(mainwin);
 }
-
+#ifdef USE_SSL
+static void ssl_manager_open_cb(MainWindow *mainwin, guint action,
+                                 GtkWidget *widget)
+{
+       ssl_manager_open(mainwin);
+}
+#endif
 static void prefs_account_open_cb(MainWindow *mainwin, guint action,
                                  GtkWidget *widget)
 {
index fb47a04..e24fa95 100644 (file)
@@ -237,7 +237,9 @@ static struct Other {
        GtkWidget *checkbtn_warnqueued;
         GtkWidget *checkbtn_cliplog;
         GtkWidget *loglength_entry;
-
+#ifdef USE_SSL
+       GtkWidget *checkbtn_ssl_ask_unknown_valid;
+#endif
 } other;
 
 static struct MessageColorButtons {
@@ -797,6 +799,11 @@ static PrefParam param[] = {
        {"warn_queued_on_exit", "TRUE", &prefs_common.warn_queued_on_exit,
         P_BOOL, &other.checkbtn_warnqueued,
         prefs_set_data_from_toggle, prefs_set_toggle},
+#ifdef USE_SSL
+       {"ssl_ask_unknown_valid", "TRUE", &prefs_common.ssl_ask_unknown_valid,
+        P_BOOL, &other.checkbtn_ssl_ask_unknown_valid,
+        prefs_set_data_from_toggle, prefs_set_toggle},
+#endif
        {"work_offline", "FALSE", &prefs_common.work_offline, P_BOOL,
         NULL, NULL, NULL},
 
@@ -2864,6 +2871,11 @@ static void prefs_other_create(void)
        GtkWidget *checkbtn_cleanonexit;
        GtkWidget *checkbtn_askonclean;
        GtkWidget *checkbtn_warnqueued;
+       
+       GtkWidget *frame_ssl;
+       GtkWidget *vbox_ssl;
+       GtkWidget *hbox_ssl;
+       GtkWidget *checkbtn_ssl_ask_unknown_valid;
 
        vbox1 = gtk_vbox_new (FALSE, VSPACING);
        gtk_widget_show (vbox1);
@@ -2962,6 +2974,21 @@ static void prefs_other_create(void)
                            FALSE, TRUE, 0);
        SET_TOGGLE_SENSITIVITY(checkbtn_cliplog, loglength_entry);
 
+#ifdef USE_SSL
+       /* SSL */
+       PACK_FRAME (vbox1, frame_ssl, _("Security"));
+
+       vbox_ssl = gtk_vbox_new (FALSE, 0);
+       gtk_widget_show (vbox_ssl);
+       gtk_container_add (GTK_CONTAINER (frame_ssl), vbox_ssl);
+       gtk_container_set_border_width (GTK_CONTAINER (vbox_ssl), 8);
+       PACK_CHECK_BUTTON (vbox_ssl, checkbtn_ssl_ask_unknown_valid, 
+                          _("Confirm acception of all SSL certificates"));
+       hbox_ssl = gtk_hbox_new (FALSE, 3);
+       gtk_container_add (GTK_CONTAINER (vbox_ssl), hbox_ssl);
+       gtk_widget_show (hbox_ssl);
+#endif
+       
        /* On Exit */
        PACK_FRAME (vbox1, frame_exit, _("On exit"));
 
@@ -3000,6 +3027,10 @@ static void prefs_other_create(void)
        other.checkbtn_cleanonexit = checkbtn_cleanonexit;
        other.checkbtn_askonclean  = checkbtn_askonclean;
        other.checkbtn_warnqueued  = checkbtn_warnqueued;
+       
+#ifdef USE_SSL
+       other.checkbtn_ssl_ask_unknown_valid = checkbtn_ssl_ask_unknown_valid;
+#endif
 }
 
 static void date_format_ok_btn_clicked(GtkButton *button, GtkWidget **widget)
index e8ecc87..c528280 100644 (file)
@@ -249,7 +249,9 @@ struct _PrefsCommon
        gboolean clean_on_exit;
        gboolean ask_on_clean;
        gboolean warn_queued_on_exit;
-
+#ifdef USE_SSL
+       gboolean ssl_ask_unknown_valid;
+#endif
        /* Memory cache*/
        gint cache_max_mem_usage;
        gint cache_min_keep_time;
index e70b859..328f6f7 100644 (file)
 #include "prefs_common.h"
 #include "socket.h"
 
-static void ssl_certificate_destroy(SSLCertificate *cert);
 static char *ssl_certificate_check_signer (X509 *cert); 
+static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup);
 
 static char * get_fqdn(char *host)
 {
        struct hostent *hp;
+
+       if (host == NULL || strlen(host) == 0)
+               return g_strdup("");
+
        hp = my_gethostbyname(host);
        if (hp == NULL)
                return g_strdup(host); /*caller should free*/
@@ -68,6 +72,11 @@ static char * readable_fingerprint(unsigned char *src, int len)
 }
 
 SSLCertificate *ssl_certificate_new(X509 *x509_cert, gchar *host, gushort port)
+{
+       return ssl_certificate_new_lookup(x509_cert, host, port, TRUE);
+}
+
+static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup)
 {
        SSLCertificate *cert = g_new0(SSLCertificate, 1);
        
@@ -76,7 +85,10 @@ SSLCertificate *ssl_certificate_new(X509 *x509_cert, gchar *host, gushort port)
                return NULL;
        }
        cert->x509_cert = X509_dup(x509_cert);
-       cert->host = get_fqdn(host);
+       if (lookup)
+               cert->host = get_fqdn(host);
+       else
+               cert->host = g_strdup(host);
        cert->port = port;
        return cert;
 }
@@ -202,7 +214,9 @@ char* ssl_certificate_to_string(SSLCertificate *cert)
        
 void ssl_certificate_destroy(SSLCertificate *cert) 
 {
-       g_return_if_fail(cert != NULL);
+       if (cert == NULL)
+               return;
+
        if (cert->x509_cert)
                X509_free(cert->x509_cert);
        if (cert->host) 
@@ -211,7 +225,25 @@ void ssl_certificate_destroy(SSLCertificate *cert)
        cert = NULL;
 }
 
+void ssl_certificate_delete_from_disk(SSLCertificate *cert)
+{
+       gchar *buf;
+       gchar *file;
+       buf = g_strdup_printf("%d", cert->port);
+       file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, 
+                         "certs", G_DIR_SEPARATOR_S,
+                         cert->host, ".", buf, ".cert", NULL);
+       unlink (file);
+       g_free(buf);
+       g_free(file);
+}
+
 SSLCertificate *ssl_certificate_find (gchar *host, gushort port)
+{
+       return ssl_certificate_find_lookup (host, port, TRUE);
+}
+
+SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, gboolean lookup)
 {
        gchar *file;
        gchar *buf;
@@ -220,7 +252,11 @@ SSLCertificate *ssl_certificate_find (gchar *host, gushort port)
        X509 *tmp_x509;
        FILE *fp;
 
-       fqdn_host = get_fqdn(host);
+       if (lookup)
+               fqdn_host = get_fqdn(host);
+       else
+               fqdn_host = g_strdup(host);
+
        buf = g_strdup_printf("%d", port);
        file = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, 
                          "certs", G_DIR_SEPARATOR_S,
@@ -236,7 +272,7 @@ SSLCertificate *ssl_certificate_find (gchar *host, gushort port)
        
        
        if ((tmp_x509 = d2i_X509_fp(fp, 0)) != NULL) {
-               cert = ssl_certificate_new(tmp_x509, fqdn_host, port);
+               cert = ssl_certificate_new_lookup(tmp_x509, fqdn_host, port, lookup);
                X509_free(tmp_x509);
        }
        fclose(fp);
@@ -310,8 +346,25 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
 
        if (known_cert == NULL) {
                gint val;
-               gchar *err_msg, *cur_cert_str;
+               gchar *err_msg, *cur_cert_str, *sig_status;
                
+               sig_status = ssl_certificate_check_signer(x509_cert);
+
+               if (sig_status == NULL && !prefs_common.ssl_ask_unknown_valid) {
+                       /* trust and accept silently if hostnames match */
+                       char *buf; /* don't free buf ! */
+                       if (X509_NAME_get_text_by_NID(X509_get_subject_name(x509_cert), 
+                                      NID_commonName, buf, 100) >= 0)
+                               if (!strcmp(buf, current_cert->host)) {
+                                       g_free(sig_status);
+                                       ssl_certificate_save(current_cert);
+                                       ssl_certificate_destroy(current_cert);
+                                       return TRUE;            
+                               }
+               }
+
+               g_free(sig_status);
+
                cur_cert_str = ssl_certificate_to_string(current_cert);
                
                err_msg = g_strdup_printf(_("%s presented an unknown SSL certificate:\n%s"),
@@ -344,10 +397,8 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
        }
        else if (!ssl_certificate_compare (current_cert, known_cert)) {
                gint val;
-               gchar *err_msg, *known_cert_str, *cur_cert_str, *sig_status;
+               gchar *err_msg, *known_cert_str, *cur_cert_str;
                
-               sig_status = ssl_certificate_check_signer(x509_cert);
-
                known_cert_str = ssl_certificate_to_string(known_cert);
                cur_cert_str = ssl_certificate_to_string(current_cert);
                err_msg = g_strdup_printf(_("%s's SSL certificate changed !\nWe have saved this one:\n%s\n\nIt is now:\n%s\n\nThis could mean the server answering is not the known one."),
@@ -356,8 +407,6 @@ gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port)
                                          cur_cert_str);
                g_free (cur_cert_str);
                g_free (known_cert_str);
-               if (sig_status)
-                       g_free (sig_status);
 
                if (prefs_common.no_recv_err_panel) {
                        log_error(_("%s\n\nMail won't be retrieved on this account until you save the certificate.\n(Uncheck the \"%s\" preference).\n"),
index 6e0c8bc..371174e 100644 (file)
@@ -39,9 +39,12 @@ struct _SSLCertificate
        gushort port;
 };
 
-gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port);
 SSLCertificate *ssl_certificate_find (gchar *host, gushort port);
+SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, gboolean lookup);
+gboolean ssl_certificate_check (X509 *x509_cert, gchar *host, gushort port);
 char* ssl_certificate_to_string(SSLCertificate *cert);
+void ssl_certificate_destroy(SSLCertificate *cert);
+void ssl_certificate_delete_from_disk(SSLCertificate *cert);
 
 #endif /* USE_SSL */
 #endif /* SSL_CERTIFICATE_H */
diff --git a/src/ssl_manager.c b/src/ssl_manager.c
new file mode 100644 (file)
index 0000000..df28513
--- /dev/null
@@ -0,0 +1,286 @@
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2001 Hiroyuki Yamamoto
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+#ifdef HAVE_CONFIG_H
+#  include "config.h"
+#endif
+
+#ifdef USE_SSL
+#include <gtk/gtkwidget.h>
+#include <glib.h>
+#include <sys/types.h>
+#include <dirent.h>
+
+#include "ssl_manager.h"
+#include "ssl_certificate.h"
+#include "manage_window.h"
+#include "utils.h"
+#include "mainwindow.h"
+#include "intl.h"
+#include "gtksctree.h"
+#include "alertpanel.h"
+
+static struct SSLManager
+{
+       GtkWidget *window;
+       GtkWidget *hbox1;
+       GtkWidget *vbox1;
+       GtkWidget *certlist;
+       GtkWidget *view_btn;
+       GtkWidget *delete_btn;
+       GtkWidget *ok_btn;
+} manager;
+
+static void ssl_manager_view_cb                (GtkWidget *widget, gpointer data);
+static void ssl_manager_delete_cb      (GtkWidget *widget, gpointer data);
+static void ssl_manager_ok_cb          (GtkWidget *widget, gpointer data);
+static void ssl_manager_load_certs     (void);
+
+void ssl_manager_open(MainWindow *mainwin)
+{
+       if (!manager.window)
+               ssl_manager_create();
+
+       manage_window_set_transient(GTK_WINDOW(manager.window));
+       gtk_widget_grab_focus(manager.ok_btn);
+
+       ssl_manager_load_certs();
+
+       gtk_widget_show(manager.window);
+
+}
+
+void ssl_manager_create(void) 
+{
+       GtkWidget *window;
+       GtkWidget *hbox1;
+       GtkWidget *vbox1;
+       GtkWidget *certlist;
+       GtkWidget *view_btn;
+       GtkWidget *delete_btn;
+       GtkWidget *ok_btn;
+       gchar *titles[2];
+
+       window = gtk_window_new (GTK_WINDOW_DIALOG);
+       gtk_window_set_title (GTK_WINDOW(window),
+                             _("Saved SSL Certificates"));
+       gtk_container_set_border_width (GTK_CONTAINER (window), 8);
+       gtk_window_position (GTK_WINDOW (window), GTK_WIN_POS_CENTER);
+       gtk_window_set_policy (GTK_WINDOW (window), FALSE, TRUE, FALSE);
+       gtk_signal_connect (GTK_OBJECT(window), "delete_event",
+                           GTK_SIGNAL_FUNC(ssl_manager_ok_cb), NULL);
+       MANAGE_WINDOW_SIGNALS_CONNECT (window);
+       
+       hbox1 = gtk_hbox_new(FALSE,2);
+       vbox1 = gtk_vbox_new(FALSE,0);
+       delete_btn = gtk_button_new_with_label(_("Delete"));
+       gtk_signal_connect (GTK_OBJECT(delete_btn), "clicked",
+                           GTK_SIGNAL_FUNC(ssl_manager_delete_cb), NULL);
+       view_btn = gtk_button_new_with_label(_("View"));
+       gtk_signal_connect (GTK_OBJECT(view_btn), "clicked",
+                           GTK_SIGNAL_FUNC(ssl_manager_view_cb), NULL);
+       ok_btn = gtk_button_new_with_label(_("OK"));
+       gtk_signal_connect (GTK_OBJECT(ok_btn), "clicked",
+                           GTK_SIGNAL_FUNC(ssl_manager_ok_cb), NULL);
+       gtk_widget_set_usize(ok_btn, 80, -1);
+       gtk_widget_set_usize(delete_btn, 80, -1);
+       gtk_widget_set_usize(view_btn, 80, -1);
+
+       titles[0] = _("Server");
+       titles[1] = _("Port");
+       certlist = gtk_sctree_new_with_titles(2, 3, titles);
+       gtk_clist_column_titles_show(GTK_CLIST(certlist));
+       gtk_clist_set_column_width(GTK_CLIST(certlist), 0, 220);
+       gtk_clist_set_selection_mode(GTK_CLIST(certlist), GTK_SELECTION_SINGLE);
+       gtk_widget_set_usize(certlist, 300, 200);
+       gtk_signal_connect (GTK_OBJECT(certlist), "open_row",
+                           GTK_SIGNAL_FUNC(ssl_manager_view_cb), NULL);
+       gtk_box_pack_start(GTK_BOX(hbox1), certlist, TRUE, TRUE, 0);
+       gtk_box_pack_start(GTK_BOX(hbox1), vbox1, TRUE, TRUE, 0);
+       gtk_box_pack_start(GTK_BOX(vbox1), view_btn, FALSE, FALSE, 0);
+       gtk_box_pack_start(GTK_BOX(vbox1), delete_btn, FALSE, FALSE, 0);
+       gtk_box_pack_end(GTK_BOX(vbox1), ok_btn, FALSE, FALSE, 0);
+       
+       gtk_widget_show(certlist);
+       gtk_widget_show(hbox1);
+       gtk_widget_show(vbox1);
+       gtk_widget_show(ok_btn);
+       gtk_widget_show(delete_btn);
+       gtk_widget_show(view_btn);
+       gtk_container_add(GTK_CONTAINER (window), hbox1);
+
+       manager.window = window;
+       manager.hbox1 = hbox1;
+       manager.vbox1 = vbox1;
+       manager.certlist = certlist;
+       manager.view_btn = view_btn;
+       manager.delete_btn = delete_btn;
+       manager.ok_btn = ok_btn;
+
+       gtk_widget_show(window);
+               
+}
+
+static char *get_server(char *str)
+{
+       char *ret = NULL, *tmp = g_strdup(str);
+       char *first_pos = NULL, *last_pos = NULL, *previous_pos = NULL;
+       int previous_dot_pos;
+
+       first_pos = tmp;
+       while ((tmp = strstr(tmp,".")) != NULL) {
+               *tmp++;
+               previous_pos = last_pos;
+               last_pos = tmp;
+       }
+       previous_dot_pos = (previous_pos - first_pos);
+       if (previous_dot_pos - 1 > 0)
+               ret = g_strndup(first_pos, previous_dot_pos - 1);
+       else 
+               ret = g_strdup(first_pos);
+       g_free(first_pos);
+       return ret;
+}
+
+static char *get_port(char *str)
+{
+       char *ret = NULL, *tmp = g_strdup(str);
+       char *previous_pos = NULL, *last_pos = NULL;
+
+       while ((tmp = strstr(tmp,".")) != NULL) {
+               *tmp++;
+               previous_pos = last_pos;
+               last_pos = tmp;
+       }
+       if (last_pos && previous_pos && (int)(last_pos - previous_pos - 1) > 0)
+               ret = g_strndup(previous_pos, (int)(last_pos - previous_pos - 1));
+       else
+               ret = g_strdup("0");
+       g_free(tmp);
+       return ret;
+       
+}
+static void ssl_manager_load_certs (void) 
+{
+       DIR *dir;
+       struct dirent *d;
+       gchar *path;
+       int row = 0;
+
+       path = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S, 
+                         "certs", G_DIR_SEPARATOR_S, NULL);
+
+       gtk_clist_clear(GTK_CLIST(manager.certlist));
+
+       if((dir = opendir(path)) == NULL) {
+               perror("opendir");
+               return;
+       }
+       
+       while ((d = readdir(dir)) != NULL) {
+               gchar *server, *port, *text[2];
+               SSLCertificate *cert;
+
+               if(!strstr(d->d_name, ".cert")) 
+                       continue;
+
+               server = get_server(d->d_name);
+               port = get_port(d->d_name);
+               
+               text[0] = g_strdup(server);
+               text[1] = g_strdup(port);
+               gtk_clist_append(GTK_CLIST(manager.certlist), text);
+               cert = ssl_certificate_find_lookup(server, atoi(port), FALSE);
+               gtk_clist_set_row_data(GTK_CLIST(manager.certlist), row, cert);
+               g_free(server);
+               g_free(port);
+               g_free(text[0]);
+               g_free(text[1]);
+               row++;
+       }
+       closedir(dir);
+       g_free(path);
+}
+
+void ssl_manager_close(void) 
+{
+       gtk_widget_hide(manager.window);
+}
+
+static void ssl_manager_ok_cb(GtkWidget *widget, 
+                             gpointer data) 
+{
+       ssl_manager_close();
+}
+static void ssl_manager_view_cb(GtkWidget *widget, 
+                             gpointer data) 
+{
+       SSLCertificate *cert;
+       GList *rowlist;
+       gchar *cert_str;
+       gchar *str;
+       
+       rowlist = GTK_CLIST(manager.certlist)->selection;
+       if (!rowlist) 
+               return;
+       
+       cert = gtk_ctree_node_get_row_data
+                       (GTK_CTREE(manager.certlist),
+                        GTK_CTREE_NODE(rowlist->data));
+       
+       if (!cert)
+               return;
+
+       cert_str = ssl_certificate_to_string(cert);
+       str = g_strconcat(_("SSL certificate for "),cert->host, ":\n\n", cert_str, NULL);
+       alertpanel(_("SSL Certificate"),
+               str,
+               _("OK"), NULL, NULL);
+       g_free(str);
+       g_free(cert_str);
+       
+       
+}
+static void ssl_manager_delete_cb(GtkWidget *widget, 
+                             gpointer data) 
+{
+       SSLCertificate *cert;
+       GList *rowlist;
+       int val;
+       
+       rowlist = GTK_CLIST(manager.certlist)->selection;
+       if (!rowlist) 
+               return;
+       
+       cert = gtk_ctree_node_get_row_data
+                       (GTK_CTREE(manager.certlist),
+                        GTK_CTREE_NODE(rowlist->data));
+       
+       if (!cert)
+               return;
+       val = alertpanel(_("Delete certificate"), 
+                            _("Do you really want to delete this certificate?"),
+                            _("Yes"), _("+No"), NULL);
+       if (val != G_ALERTDEFAULT)
+               return;
+       
+       ssl_certificate_delete_from_disk(cert);
+       ssl_certificate_destroy(cert);
+       gtk_ctree_remove_node(GTK_CTREE(manager.certlist), GTK_CTREE_NODE(rowlist->data));
+}
+#endif
diff --git a/src/ssl_manager.h b/src/ssl_manager.h
new file mode 100644 (file)
index 0000000..3a7453c
--- /dev/null
@@ -0,0 +1,29 @@
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2001 Hiroyuki Yamamoto
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifndef SSL_MANAGER_H
+#define SSL_MANAGER_H
+#ifdef USE_SSL
+#include "mainwindow.h"
+
+void ssl_manager_create (void); 
+void ssl_manager_open  (MainWindow *mainwin); 
+
+#endif
+#endif