+2008-10-11 [colin] 3.6.1cvs4
+
+ * src/account.c
+ * src/imap.c
+ * src/inc.c
+ * src/main.c
+ * src/mainwindow.c
+ * src/news.c
+ * src/pop.c
+ * src/pop.h
+ * src/prefs_account.c
+ * src/send_message.c
+ * src/send_message.h
+ * src/ssl_manager.c
+ * src/ssl_manager.h
+ * src/wizard.c
+ * src/common/claws.c
+ * src/common/defs.h
+ * src/common/session.c
+ * src/common/session.h
+ * src/common/smtp.c
+ * src/common/smtp.h
+ * src/common/socket.c
+ * src/common/socket.h
+ * src/common/ssl.c
+ * src/common/ssl.h
+ * src/common/ssl_certificate.c
+ * src/common/ssl_certificate.h
+ * src/gtk/about.c
+ * src/gtk/sslcertwindow.c
+ * src/gtk/sslcertwindow.h
+ Remove OpenSSL code
+
2008-10-11 [colin] 3.6.1cvs3
* src/common/ssl_certificate.c
( cvs diff -u -r 1.4.2.30 -r 1.4.2.31 src/common/ssl_certificate.c; cvs diff -u -r 1.9.2.24 -r 1.9.2.25 src/gtk/sslcertwindow.c; ) > 3.6.1cvs1.patchset
( cvs diff -u -r 1.2.2.10 -r 1.2.2.11 src/common/ssl.h; cvs diff -u -r 1.4.2.31 -r 1.4.2.32 src/common/ssl_certificate.c; cvs diff -u -r 1.9.2.25 -r 1.9.2.26 src/gtk/sslcertwindow.c; ) > 3.6.1cvs2.patchset
( cvs diff -u -r 1.4.2.32 -r 1.4.2.33 src/common/ssl_certificate.c; ) > 3.6.1cvs3.patchset
+( cvs diff -u -r 1.61.2.89 -r 1.61.2.90 src/account.c; cvs diff -u -r 1.179.2.235 -r 1.179.2.236 src/imap.c; cvs diff -u -r 1.149.2.96 -r 1.149.2.97 src/inc.c; cvs diff -u -r 1.115.2.213 -r 1.115.2.214 src/main.c; cvs diff -u -r 1.274.2.284 -r 1.274.2.285 src/mainwindow.c; cvs diff -u -r 1.101.2.56 -r 1.101.2.57 src/news.c; cvs diff -u -r 1.56.2.63 -r 1.56.2.64 src/pop.c; cvs diff -u -r 1.17.2.21 -r 1.17.2.22 src/pop.h; cvs diff -u -r 1.105.2.146 -r 1.105.2.147 src/prefs_account.c; cvs diff -u -r 1.17.2.51 -r 1.17.2.52 src/send_message.c; cvs diff -u -r 1.1.4.8 -r 1.1.4.9 src/send_message.h; cvs diff -u -r 1.3.2.31 -r 1.3.2.32 src/ssl_manager.c; cvs diff -u -r 1.2.2.8 -r 1.2.2.9 src/ssl_manager.h; cvs diff -u -r 1.1.2.76 -r 1.1.2.77 src/wizard.c; cvs diff -u -r 1.1.2.4 -r 1.1.2.5 src/common/claws.c; cvs diff -u -r 1.9.2.45 -r 1.9.2.46 src/common/defs.h; cvs diff -u -r 1.23.2.20 -r 1.23.2.21 src/common/session.c; cvs diff -u -r 1.8.2.13 -r 1.8.2.14 src/common/session.h; cvs diff -u -r 1.11.2.25 -r 1.11.2.26 src/common/smtp.c; cvs diff -u -r 1.6.2.14 -r 1.6.2.15 src/common/smtp.h; cvs diff -u -r 1.13.2.39 -r 1.13.2.40 src/common/socket.c; cvs diff -u -r 1.13.2.20 -r 1.13.2.21 src/common/socket.h; cvs diff -u -r 1.9.2.34 -r 1.9.2.35 src/common/ssl.c; cvs diff -u -r 1.2.2.11 -r 1.2.2.12 src/common/ssl.h; cvs diff -u -r 1.4.2.33 -r 1.4.2.34 src/common/ssl_certificate.c; cvs diff -u -r 1.1.4.12 -r 1.1.4.13 src/common/ssl_certificate.h; cvs diff -u -r 1.4.2.70 -r 1.4.2.71 src/gtk/about.c; cvs diff -u -r 1.9.2.26 -r 1.9.2.27 src/gtk/sslcertwindow.c; cvs diff -u -r 1.6.2.9 -r 1.6.2.10 src/gtk/sslcertwindow.h; ) > 3.6.1cvs4.patchset
MICRO_VERSION=1
INTERFACE_AGE=0
BINARY_AGE=0
-EXTRA_VERSION=3
+EXTRA_VERSION=4
EXTRA_RELEASE=
EXTRA_GTK2_VERSION=
gboolean getall;
name = ac_prefs->account_name;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
protocol = ac_prefs->protocol == A_POP3 ?
(ac_prefs->ssl_pop == SSL_TUNNEL ?
"POP3 (SSL)" :
srand((gint) time(NULL));
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
ssl_init();
#endif
void claws_done(void)
{
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
ssl_done();
#endif
}
#define USERS_ML_ADDR "claws-mail-users@dotsrc.org"
#define GPL_URI "http://www.gnu.org/licenses/gpl.html"
#define DONATE_URI "http://www.claws-mail.org/sponsors.php"
-#define OPENSSL_URI "http://www.openssl.org/"
#define RELEASE_NOTES_FILE "RELEASE_NOTES"
#define THEMEINFO_FILE ".claws_themeinfo"
#define FOLDER_LIST "folderlist.xml"
session->sock = NULL;
session->server = NULL;
session->port = 0;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
session->ssl_type = SSL_NONE;
#endif
session->nonblocking = TRUE;
session->sock = sock;
sock->account = session->account;
sock->is_smtp = session->is_smtp;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (session->ssl_type == SSL_TUNNEL) {
sock_set_nonblocking_mode(sock, FALSE);
if (!ssl_init_socket(sock)) {
return 0;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gint session_start_tls(Session *session)
{
gboolean nb_mode;
gchar *server;
gushort port;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
SSLType ssl_type;
#endif
SendDataNotify notify_func,
gpointer data);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gint session_start_tls (Session *session);
#endif
static void smtp_session_destroy(Session *session);
static gint smtp_auth(SMTPSession *session);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint smtp_starttls(SMTPSession *session);
#endif
static gint smtp_auth_cram_md5(SMTPSession *session);
session->state = SMTP_READY;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
session->tls_init_done = FALSE;
#endif
return SM_ERROR;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint smtp_starttls(SMTPSession *session)
{
session->state = SMTP_STARTTLS;
if (strstr(msg, "ESMTP"))
smtp_session->is_esmtp = TRUE;
case SMTP_CONNECTED:
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (smtp_session->user || session->ssl_type != SSL_NONE ||
smtp_session->is_esmtp)
#else
smtp_session->error_val = SM_ERROR;
return -1;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (session->ssl_type == SSL_STARTTLS &&
smtp_session->tls_init_done == FALSE) {
ret = smtp_starttls(smtp_session);
#endif
if (smtp_session->user) {
if (smtp_auth(smtp_session) != SM_OK) {
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (session->ssl_type == SSL_NONE
&& smtp_session->tls_init_done == FALSE
&& (smtp_session->avail_auth_type & SMTPAUTH_TLS_AVAILABLE))
ret = smtp_from(smtp_session);
break;
case SMTP_STARTTLS:
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (session_start_tls(session) < 0) {
log_warning(LOG_PROTOCOL, _("couldn't start TLS session\n"));
smtp_session->state = SMTP_ERROR;
SMTPState state;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gboolean tls_init_done;
#endif
#include "socket.h"
#include "utils.h"
#include "log.h"
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
# include "ssl.h"
#endif
if (!sock || !sock->sock)
return FALSE;
-#if USE_OPENSSL
- if (sock->ssl) {
- if (condition & G_IO_IN) {
- if (SSL_pending(sock->ssl) > 0)
- return TRUE;
- if (SSL_want_write(sock->ssl))
- condition |= G_IO_OUT;
- }
-
- if (condition & G_IO_OUT) {
- if (SSL_want_read(sock->ssl))
- condition |= G_IO_IN;
- }
- }
-#elif USE_GNUTLS
-/* ?? */
-#endif
-
FD_ZERO(&fds);
FD_SET(sock->sock, &fds);
sock->condition = condition;
sock->data = data;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (sock->ssl)
{
GSource *source = g_source_new(&sock_watch_funcs,
return read(fd, buf, len);
}
-#if USE_OPENSSL
-static gint ssl_read(SSL *ssl, gchar *buf, gint len)
-{
- gint err, ret;
-
- if (SSL_pending(ssl) == 0) {
- if (fd_check_io(SSL_get_rfd(ssl), G_IO_IN) < 0)
- return -1;
- }
-
- ret = SSL_read(ssl, buf, len);
-
- switch ((err = SSL_get_error(ssl, ret))) {
- case SSL_ERROR_NONE:
- return ret;
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
- errno = EAGAIN;
- return -1;
- case SSL_ERROR_ZERO_RETURN:
- return 0;
- default:
- g_warning("SSL_read() returned error %d, ret = %d\n", err, ret);
- if (ret == 0)
- return 0;
- return -1;
- }
-}
-#elif USE_GNUTLS
+#if USE_GNUTLS
static gint ssl_read(gnutls_session ssl, gchar *buf, gint len)
{
gint r;
g_return_val_if_fail(sock != NULL, -1);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (sock->ssl)
ret = ssl_read(sock->ssl, buf, len);
else
return write(fd, buf, len);
}
-#if USE_OPENSSL
-static gint ssl_write(SSL *ssl, const gchar *buf, gint len)
-{
- gint ret;
-
- ret = SSL_write(ssl, buf, len);
-
- switch (SSL_get_error(ssl, ret)) {
- case SSL_ERROR_NONE:
- return ret;
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
- errno = EAGAIN;
- return -1;
- default:
- return -1;
- }
-}
-#elif USE_GNUTLS
+#if USE_GNUTLS
static gint ssl_write(gnutls_session ssl, const gchar *buf, gint len)
{
gint ret;
g_return_val_if_fail(sock != NULL, -1);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (sock->ssl)
ret = ssl_write(sock->ssl, buf, len);
else
return wrlen;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
-#if USE_OPENSSL
-static gint ssl_write_all(SSL *ssl, const gchar *buf, gint len)
-#else
+#ifdef USE_GNUTLS
static gint ssl_write_all(gnutls_session ssl, const gchar *buf, gint len)
-#endif
{
gint n, wrlen = 0;
g_return_val_if_fail(sock != NULL, -1);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (sock->ssl)
ret = ssl_write_all(sock->ssl, buf, len);
else
if (sock->sock_ch)
g_io_channel_unref(sock->sock_ch);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (sock->ssl)
ssl_done_socket(sock);
if (sock->g_source != 0)
typedef struct _SockInfo SockInfo;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
# include "ssl.h"
#endif
struct _SockInfo
{
gint sock;
-#if USE_OPENSSL
- SSL *ssl;
-#elif USE_GNUTLS
+#if USE_GNUTLS
gnutls_session ssl;
gnutls_certificate_credentials_t xcred;
gnutls_x509_crt client_crt;
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#include "defs.h"
#include <glib.h>
#ifdef USE_PTHREAD
typedef struct _thread_data {
-#ifdef USE_OPENSSL
- SSL *ssl;
-#else
gnutls_session ssl;
-#endif
gboolean done;
} thread_data;
#endif
-
-#ifdef USE_OPENSSL
-static SSL_CTX *ssl_ctx;
-#endif
-
-#ifdef USE_OPENSSL
-static int openssl_client_cert_cb(SSL *ssl, X509 **x509, EVP_PKEY **pkey)
-{
- SSLClientCertHookData hookdata;
- SockInfo *sockinfo = (SockInfo *)SSL_CTX_get_app_data(ssl->ctx);
-
- if (x509 == NULL || pkey == NULL) {
- return 0;
- }
-
- if (sockinfo == NULL)
- return 0;
-
- hookdata.account = sockinfo->account;
- hookdata.cert_path = NULL;
- hookdata.password = NULL;
- hookdata.is_smtp = sockinfo->is_smtp;
- hooks_invoke(SSLCERT_GET_CLIENT_CERT_HOOKLIST, &hookdata);
-
- if (hookdata.cert_path == NULL)
- return 0;
-
- *x509 = ssl_certificate_get_x509_from_pem_file(hookdata.cert_path);
- *pkey = ssl_certificate_get_pkey_from_pem_file(hookdata.cert_path);
- if (!(*x509 && *pkey)) {
- /* try pkcs12 format */
- ssl_certificate_get_x509_and_pkey_from_p12_file(hookdata.cert_path, hookdata.password, x509, pkey);
- }
- if (*x509 && *pkey)
- return 1;
- else
- return 0;
-}
-#endif
-#ifdef USE_GNUTLS
static int gnutls_client_cert_cb(gnutls_session session,
const gnutls_datum *req_ca_rdn, int nreqs,
const gnutls_pk_algorithm *sign_algos,
}
return 0;
}
-#endif
-
-#ifdef USE_OPENSSL
-SSL_CTX *ssl_get_ctx(void)
-{
- return ssl_ctx;
-}
-#endif
const gchar *claws_ssl_get_cert_file(void)
{
void ssl_init(void)
{
-#ifdef USE_OPENSSL
- SSL_METHOD *meth;
-
- /* Global system initialization*/
- SSL_library_init();
- SSL_load_error_strings();
- OpenSSL_add_all_algorithms();
- OpenSSL_add_all_ciphers();
- OpenSSL_add_all_digests();
-
-#ifdef HAVE_LIBETPAN
- mailstream_openssl_init_not_required();
-#endif
-
- /* Create our context*/
- meth = SSLv23_client_method();
- ssl_ctx = SSL_CTX_new(meth);
-
-
- SSL_CTX_set_client_cert_cb(ssl_ctx, openssl_client_cert_cb);
-
- /* Set default certificate paths */
- if (claws_ssl_get_cert_file() || claws_ssl_get_cert_dir()) {
- int r = SSL_CTX_load_verify_locations(ssl_ctx, claws_ssl_get_cert_file(), claws_ssl_get_cert_dir());
- if (r != 1) {
- g_warning("can't set cert file %s dir %s: %s\n",
- claws_ssl_get_cert_file(), claws_ssl_get_cert_dir(), ERR_error_string(ERR_get_error(), NULL));
- SSL_CTX_set_default_verify_paths(ssl_ctx);
- }
- } else {
- g_warning("cant");
- SSL_CTX_set_default_verify_paths(ssl_ctx);
- }
-#if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
- SSL_CTX_set_verify_depth(ssl_ctx,1);
-#endif
-#else
#ifdef HAVE_LIBETPAN
mailstream_gnutls_init_not_required();
#endif
gnutls_global_init();
-#endif
}
void ssl_done(void)
{
-#if USE_OPENSSL
- if (!ssl_ctx)
- return;
-
- SSL_CTX_free(ssl_ctx);
-#else
gnutls_global_deinit();
-#endif
}
#ifdef USE_PTHREAD
pthread_setcancelstate(PTHREAD_CANCEL_ENABLE, NULL);
pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL);
-#ifdef USE_OPENSSL
- result = SSL_connect(td->ssl);
-#else
do {
result = gnutls_handshake(td->ssl);
} while (result == GNUTLS_E_AGAIN || result == GNUTLS_E_INTERRUPTED);
-#endif
+
td->done = TRUE; /* let the caller thread join() */
return GINT_TO_POINTER(result);
}
#endif
-#ifdef USE_OPENSSL
-static gint SSL_connect_nb(SSL *ssl)
-#else
static gint SSL_connect_nb(gnutls_session ssl)
-#endif
{
-#ifdef USE_GNUTLS
int result;
-#endif
#ifdef USE_PTHREAD
thread_data *td = g_new0(thread_data, 1);
pthread_t pt;
if (pthread_attr_init(&pta) != 0 ||
pthread_attr_setdetachstate(&pta, PTHREAD_CREATE_JOINABLE) != 0 ||
pthread_create(&pt, &pta, SSL_connect_thread, td) != 0) {
-#ifdef USE_OPENSSL
- return SSL_connect(ssl);
-#else
do {
result = gnutls_handshake(td->ssl);
} while (result == GNUTLS_E_AGAIN || result == GNUTLS_E_INTERRUPTED);
return result;
-#endif
}
debug_print("waiting for SSL_connect thread...\n");
while(!td->done) {
return GPOINTER_TO_INT(res);
#else /* USE_PTHREAD */
-#ifdef USE_OPENSSL
- return SSL_connect(ssl);
-#else
do {
result = gnutls_handshake(ssl);
} while (result == GNUTLS_E_AGAIN || result == GNUTLS_E_INTERRUPTED);
#endif
-#endif
}
gboolean ssl_init_socket(SockInfo *sockinfo)
gboolean ssl_init_socket_with_method(SockInfo *sockinfo, SSLMethod method)
{
-#ifdef USE_OPENSSL
- X509 *server_cert;
- SSL *ssl;
-
- ssl = SSL_new(ssl_ctx);
- if (ssl == NULL) {
- g_warning(_("Error creating ssl context\n"));
- return FALSE;
- }
-
- switch (method) {
- case SSL_METHOD_SSLv23:
- debug_print("Setting SSLv23 client method\n");
- SSL_set_ssl_method(ssl, SSLv23_client_method());
- break;
- case SSL_METHOD_TLSv1:
- debug_print("Setting TLSv1 client method\n");
- SSL_set_ssl_method(ssl, TLSv1_client_method());
- break;
- default:
- break;
- }
-
- SSL_CTX_set_app_data(ssl_ctx, sockinfo);
- SSL_set_fd(ssl, sockinfo->sock);
- if (SSL_connect_nb(ssl) == -1) {
- g_warning(_("SSL connect failed (%s)\n"),
- ERR_error_string(ERR_get_error(), NULL));
- SSL_free(ssl);
- return FALSE;
- }
-
- /* Get the cipher */
-
- debug_print("SSL connection using %s\n", SSL_get_cipher(ssl));
-
- /* Get server's certificate (note: beware of dynamic allocation) */
- if ((server_cert = SSL_get_peer_certificate(ssl)) == NULL) {
- debug_print("server_cert is NULL ! this _should_not_ happen !\n");
- SSL_free(ssl);
- return FALSE;
- }
-
-
- if (!ssl_certificate_check(server_cert, sockinfo->canonical_name, sockinfo->hostname, sockinfo->port)) {
- X509_free(server_cert);
- SSL_free(ssl);
- return FALSE;
- }
-
-
- X509_free(server_cert);
- sockinfo->ssl = ssl;
-
-#else
gnutls_session session;
int r;
const int cipher_prio[] = { GNUTLS_CIPHER_AES_128_CBC,
sockinfo->ssl = session;
sockinfo->xcred = xcred;
-#endif
return TRUE;
}
void ssl_done_socket(SockInfo *sockinfo)
{
if (sockinfo && sockinfo->ssl) {
-#ifdef USE_OPENSSL
- SSL_free(sockinfo->ssl);
-#else
gnutls_certificate_free_credentials(sockinfo->xcred);
gnutls_deinit(sockinfo->ssl);
if (sockinfo->client_crt)
gnutls_x509_privkey_deinit(sockinfo->client_key);
sockinfo->client_key = NULL;
sockinfo->client_crt = NULL;
-#endif
sockinfo->ssl = NULL;
}
}
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
SSL_STARTTLS
} SSLType;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#include <glib.h>
-#if USE_OPENSSL
-#include <openssl/crypto.h>
-#include <openssl/x509.h>
-#include <openssl/pem.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
-#include <openssl/evp.h>
-#include <openssl/pkcs12.h>
-#else
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
-#endif
#include "socket.h"
typedef enum {
gboolean is_smtp;
};
-#ifdef USE_OPENSSL
-SSL_CTX *ssl_get_ctx(void);
-#endif
-
const gchar *claws_ssl_get_cert_file(void);
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
#endif /* __SSL_H__ */
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
-#if USE_OPENSSL
-#include <openssl/ssl.h>
-#else
+#ifdef USE_GNUTLS
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <gnutls/pkcs12.h>
#include <sys/stat.h>
#include <unistd.h>
#include <string.h>
-#endif
#include <sys/types.h>
#include <stdio.h>
#include <glib.h>
host, ".", port, ".cert", NULL);
}
-#if USE_OPENSSL
-static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup);
-#else
static SSLCertificate *ssl_certificate_new_lookup(gnutls_x509_crt x509_cert, gchar *host, gushort port, gboolean lookup);
-#endif
-#if USE_OPENSSL
-/* from Courier */
-time_t asn1toTime(ASN1_TIME *asn1Time)
-{
- struct tm tm;
- int offset;
-
- if (asn1Time == NULL || asn1Time->length < 13)
- return 0;
-
- memset(&tm, 0, sizeof(tm));
-
-#define N2(n) ((asn1Time->data[n]-'0')*10 + asn1Time->data[(n)+1]-'0')
-
-#define CPY(f,n) (tm.f=N2(n))
-
- CPY(tm_year,0);
-
- if(tm.tm_year < 50)
- tm.tm_year += 100; /* Sux */
-
- CPY(tm_mon, 2);
- --tm.tm_mon;
- CPY(tm_mday, 4);
- CPY(tm_hour, 6);
- CPY(tm_min, 8);
- CPY(tm_sec, 10);
-
- offset=0;
-
- if (asn1Time->data[12] != 'Z')
- {
- if (asn1Time->length < 17)
- return 0;
-
- offset=N2(13)*3600+N2(15)*60;
-
- if (asn1Time->data[12] == '-')
- offset= -offset;
- }
-
-#undef N2
-#undef CPY
-
- return mktime(&tm)-offset;
-}
-#endif
-
static char * get_fqdn(char *host)
{
#ifdef INET6
}
#endif
-#if USE_OPENSSL
-static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, gchar *host, gushort port, gboolean lookup)
-#else
static SSLCertificate *ssl_certificate_new_lookup(gnutls_x509_crt x509_cert, gchar *host, gushort port, gboolean lookup)
-#endif
{
SSLCertificate *cert = g_new0(SSLCertificate, 1);
-#if USE_OPENSSL
- unsigned int n;
-#else
size_t n;
-#endif
unsigned char md[128];
if (host == NULL || x509_cert == NULL) {
ssl_certificate_destroy(cert);
return NULL;
}
-#if USE_OPENSSL
- cert->x509_cert = X509_dup(x509_cert);
-#else
cert->x509_cert = x509_crt_copy(x509_cert);
cert->status = (guint)-1;
-#endif
if (lookup)
cert->host = get_fqdn(host);
else
cert->port = port;
/* fingerprint */
-#if USE_OPENSSL
- X509_digest(cert->x509_cert, EVP_md5(), md, &n);
- cert->fingerprint = readable_fingerprint(md, (int)n);
-#else
n = 128;
gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_MD5, md, &n);
cert->fingerprint = readable_fingerprint(md, (int)n);
-#endif
return cert;
}
return;
if (cert->x509_cert)
-#if USE_OPENSSL
- X509_free(cert->x509_cert);
-#else
gnutls_x509_crt_deinit(cert->x509_cert);
-#endif
g_free(cert->host);
g_free(cert->fingerprint);
g_free(cert);
gchar *buf;
gchar *fqdn_host;
SSLCertificate *cert = NULL;
-#if USE_OPENSSL
- X509 *tmp_x509;
-#else
gnutls_x509_crt tmp_x509;
-#endif
FILE *fp = NULL;
gboolean must_rename = FALSE;
return NULL;
}
-#if USE_OPENSSL
- if ((tmp_x509 = d2i_X509_fp(fp, 0)) != NULL) {
-#else
if ((tmp_x509 = gnutls_d2i_X509_fp(fp, 0)) != NULL) {
-#endif
cert = ssl_certificate_new_lookup(tmp_x509, fqdn_host, port, lookup);
debug_print("got cert %p\n", cert);
-#if USE_OPENSSL
- X509_free(tmp_x509);
-#else
gnutls_x509_crt_deinit(tmp_x509);
-#endif
}
fclose(fp);
g_free(file);
static gboolean ssl_certificate_compare (SSLCertificate *cert_a, SSLCertificate *cert_b)
{
-#ifdef USE_OPENSSL
- if (cert_a == NULL || cert_b == NULL)
- return FALSE;
- else if (!X509_cmp(cert_a->x509_cert, cert_b->x509_cert))
- return TRUE;
- else
- return FALSE;
-#else
char *output_a;
char *output_b;
size_t cert_size_a = 0, cert_size_b = 0;
g_free(output_b);
return TRUE;
-#endif
}
-#if USE_OPENSSL
-char *ssl_certificate_check_signer (X509 *cert)
-{
- X509_STORE_CTX store_ctx;
- X509_STORE *store = SSL_CTX_get_cert_store(ssl_get_ctx());
- char *err_msg = NULL;
-
- if (store == NULL) {
- g_print("Can't create X509_STORE\n");
- return NULL;
- }
-
- X509_STORE_CTX_init (&store_ctx, store, cert, NULL);
-
- if(!X509_verify_cert (&store_ctx)) {
- err_msg = g_strdup(X509_verify_cert_error_string(
- X509_STORE_CTX_get_error(&store_ctx)));
- debug_print("Can't check signer: %s\n", err_msg);
- X509_STORE_CTX_cleanup (&store_ctx);
- return err_msg;
-
- }
- X509_STORE_CTX_cleanup (&store_ctx);
- return NULL;
-}
-#else
static guint check_cert(gnutls_x509_crt cert)
{
gnutls_x509_crt *ca_list;
return NULL;
}
-#endif
-#if USE_OPENSSL
-gboolean ssl_certificate_check (X509 *x509_cert, gchar *fqdn, gchar *host, gushort port)
-#else
gboolean ssl_certificate_check (gnutls_x509_crt x509_cert, guint status, gchar *fqdn, gchar *host, gushort port)
-#endif
{
SSLCertificate *current_cert = NULL;
SSLCertificate *known_cert;
SSLCertHookData cert_hook_data;
gchar *fqdn_host = NULL;
gchar *fingerprint;
-#ifdef USE_OPENSSL
- unsigned int n;
-#else
size_t n;
-#endif
unsigned char md[128];
if (fqdn)
return FALSE;
}
-#if USE_GNUTLS
current_cert->status = status;
-#endif
/* fingerprint */
-#if USE_OPENSSL
- X509_digest(x509_cert, EVP_md5(), md, &n);
- fingerprint = readable_fingerprint(md, (int)n);
-#else
n = 128;
gnutls_x509_crt_get_fingerprint(x509_cert, GNUTLS_DIG_MD5, md, &n);
fingerprint = readable_fingerprint(md, n);
-#endif
known_cert = ssl_certificate_find_lookup (fqdn_host, port, fingerprint, FALSE);
ssl_certificate_destroy(known_cert);
return TRUE;
}
-#if USE_OPENSSL
- } else if (asn1toTime(X509_get_notAfter(current_cert->x509_cert)) < time(NULL)) {
-#else
} else if (gnutls_x509_crt_get_expiration_time(current_cert->x509_cert) < time(NULL)) {
-#endif
gchar *tmp = g_strdup_printf("%s:%d", current_cert->host, current_cert->port);
if (warned_expired == NULL)
return TRUE;
}
-#if USE_OPENSSL
-X509 *ssl_certificate_get_x509_from_pem_file(const gchar *file)
-{
- X509 *x509 = NULL;
- if (!file)
- return NULL;
- if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
- if (fp) {
- x509 = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
- return x509;
- }
- } else {
- log_error(LOG_PROTOCOL, "Can not open certificate file %s\n", file);
- }
- return NULL;
-}
-
-static int ssl_pkey_password_cb(char *buf, int max_len, int flag, void *pwd)
-{
- return 0;
-}
-
-EVP_PKEY *ssl_certificate_get_pkey_from_pem_file(const gchar *file)
-{
- EVP_PKEY *pkey = NULL;
- if (!file)
- return NULL;
- if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
- if (fp) {
- pkey = PEM_read_PrivateKey(fp, NULL, ssl_pkey_password_cb, NULL);
- fclose(fp);
- return pkey;
- }
- } else {
- log_error(LOG_PROTOCOL, "Can not open private key file %s\n", file);
- }
- return NULL;
-}
-
-void ssl_certificate_get_x509_and_pkey_from_p12_file(const gchar *file, const gchar *password,
- X509 **x509, EVP_PKEY **pkey)
-{
- PKCS12 *p12 = NULL;
- *x509 = NULL;
- *pkey = NULL;
-
- if (!file)
- return;
-
- if (is_file_exist(file)) {
- FILE *fp = g_fopen(file, "r");
- if (fp) {
- p12 = d2i_PKCS12_fp(fp, NULL);
- fclose(fp);
- }
- } else {
- log_error(LOG_PROTOCOL, "Can not open certificate file %s\n", file);
- }
- if (p12 != NULL) {
- if (PKCS12_parse(p12, password, pkey, x509, NULL) == 1) {
- /* we got the correct password */
- } else {
- gchar *tmp = NULL;
- hooks_invoke(SSL_CERT_GET_PASSWORD, &tmp);
- if (PKCS12_parse(p12, tmp, pkey, x509, NULL) == 1) {
- debug_print("got p12\n");
- } else {
- log_error(LOG_PROTOCOL, "%s\n", ERR_error_string(ERR_get_error(),NULL));
- }
- }
- PKCS12_free(p12);
- }
-}
-#endif
-
-#ifdef USE_GNUTLS
gnutls_x509_crt ssl_certificate_get_x509_from_pem_file(const gchar *file)
{
gnutls_x509_crt x509 = NULL;
gnutls_pkcs12_deinit(p12);
}
}
-#endif
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
-#if USE_OPENSSL
-#include <openssl/ssl.h>
-#include <openssl/objects.h>
-#else
+#ifdef USE_GNUTLS
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
-#endif
#include <glib.h>
struct _SSLCertificate
{
-#if USE_OPENSSL
- X509 *x509_cert;
-#else
gnutls_x509_crt x509_cert;
-#endif
gchar *host;
gushort port;
gchar *fingerprint;
-#if USE_GNUTLS
guint status;
-#endif
};
typedef struct _SSLCertHookData SSLCertHookData;
SSLCertificate *ssl_certificate_find (gchar *host, gushort port, const gchar *fingerprint);
SSLCertificate *ssl_certificate_find_lookup (gchar *host, gushort port, const gchar *fingerprint, gboolean lookup);
-#if USE_OPENSSL
-gboolean ssl_certificate_check (X509 *x509_cert, gchar *fqdn, gchar *host, gushort port);
-#else
gboolean ssl_certificate_check (gnutls_x509_crt x509_cert, guint status, gchar *fqdn, gchar *host, gushort port);
-#endif
void ssl_certificate_destroy(SSLCertificate *cert);
void ssl_certificate_delete_from_disk(SSLCertificate *cert);
char * readable_fingerprint(unsigned char *src, int len);
-#if USE_OPENSSL
-char *ssl_certificate_check_signer (X509 *cert);
-time_t asn1toTime(ASN1_TIME *asn1Time);
-#else
char *ssl_certificate_check_signer (gnutls_x509_crt cert, guint status);
-#endif
-#if USE_OPENSSL
-X509 *ssl_certificate_get_x509_from_pem_file(const gchar *file);
-EVP_PKEY *ssl_certificate_get_pkey_from_pem_file(const gchar *file);
-void ssl_certificate_get_x509_and_pkey_from_p12_file(const gchar *file,
- const gchar *password, X509 **x509, EVP_PKEY **pkey);
-#endif
#ifdef USE_GNUTLS
gnutls_x509_crt ssl_certificate_get_x509_from_pem_file(const gchar *file);
gnutls_x509_privkey ssl_certificate_get_pkey_from_pem_file(const gchar *file);
size_t gnutls_i2d_X509(gnutls_x509_crt x509_cert, unsigned char **output);
size_t gnutls_i2d_PrivateKey(gnutls_x509_privkey pkey, unsigned char **output);
#endif
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
#endif /* SSL_CERTIFICATE_H */
"http://www.gnu.org/licenses/", -1,
"link", NULL);
gtk_text_buffer_insert(buffer, &iter, _(">. \n\n"), -1);
-#ifdef USE_OPENSSL
- gtk_text_buffer_insert(buffer, &iter,
- _("This product includes software developed by the OpenSSL Project "
- "for use in the OpenSSL Toolkit ("), -1);
- gtk_text_buffer_insert_with_tags_by_name(buffer, &iter, OPENSSL_URI, -1,
- "link", NULL);
- gtk_text_buffer_insert(buffer, &iter, _(").\n"), -1);
-#endif
g_signal_connect(G_OBJECT(tag), "event",
G_CALLBACK(about_textview_uri_clicked), text);
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
-#if USE_OPENSSL
-#include <openssl/ssl.h>
-#else
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include <sys/types.h>
#include <stdio.h>
#include <unistd.h>
#include <string.h>
-#endif
+
#include <glib.h>
#include <glib/gi18n.h>
#include <gtk/gtk.h>
char *subject_commonname, *subject_location, *subject_organization;
char *sig_status, *exp_date;
char *md5_fingerprint, *sha1_fingerprint, *fingerprint;
-#if USE_OPENSSL
- unsigned int n;
-#else
size_t n;
-#endif
char buf[100];
unsigned char md[128];
-#if USE_OPENSSL
- ASN1_TIME *validity;
-#else
char *tmp;
-#endif
time_t exp_time_t;
struct tm lt;
/* issuer */
-#if USE_OPENSSL
- if (X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
- NID_commonName, buf, 100) >= 0)
- issuer_commonname = g_strdup(buf);
- else
- issuer_commonname = g_strdup(_("<not in certificate>"));
- if (X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
- NID_localityName, buf, 100) >= 0) {
- issuer_location = g_strdup(buf);
- if (X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
- NID_countryName, buf, 100) >= 0)
- issuer_location = g_strconcat(issuer_location,", ",buf, NULL);
- } else if (X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
- NID_countryName, buf, 100) >= 0)
- issuer_location = g_strdup(buf);
- else
- issuer_location = g_strdup(_("<not in certificate>"));
-
- if (X509_NAME_get_text_by_NID(X509_get_issuer_name(cert->x509_cert),
- NID_organizationName, buf, 100) >= 0)
- issuer_organization = g_strdup(buf);
- else
- issuer_organization = g_strdup(_("<not in certificate>"));
-
- /* subject */
- if (X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
- NID_commonName, buf, 100) >= 0)
- subject_commonname = g_strdup(buf);
- else
- subject_commonname = g_strdup(_("<not in certificate>"));
- if (X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
- NID_localityName, buf, 100) >= 0) {
- subject_location = g_strdup(buf);
- if (X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
- NID_countryName, buf, 100) >= 0)
- subject_location = g_strconcat(subject_location,", ",buf, NULL);
- } else if (X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
- NID_countryName, buf, 100) >= 0)
- subject_location = g_strdup(buf);
- else
- subject_location = g_strdup(_("<not in certificate>"));
-
- if (X509_NAME_get_text_by_NID(X509_get_subject_name(cert->x509_cert),
- NID_organizationName, buf, 100) >= 0)
- subject_organization = g_strdup(buf);
- else
- subject_organization = g_strdup(_("<not in certificate>"));
-
- if ((validity = X509_get_notAfter(cert->x509_cert)) != NULL) {
- exp_time_t = asn1toTime(validity);
- } else {
- exp_time_t = (time_t)0;
- }
-#else
issuer_commonname = g_malloc(BUFFSIZE);
issuer_location = g_malloc(BUFFSIZE);
issuer_organization = g_malloc(BUFFSIZE);
strncpy(subject_organization, _("<not in certificate>"), BUFFSIZE);
exp_time_t = gnutls_x509_crt_get_expiration_time(cert->x509_cert);
-#endif
memset(buf, 0, sizeof(buf));
if (exp_time_t > 0) {
exp_date = g_strdup("");
/* fingerprint */
-#if USE_OPENSSL
- X509_digest(cert->x509_cert, EVP_md5(), md, &n);
- md5_fingerprint = readable_fingerprint(md, (int)n);
- X509_digest(cert->x509_cert, EVP_sha1(), md, &n);
- sha1_fingerprint = readable_fingerprint(md, (int)n);
-
- /* signature */
- sig_status = ssl_certificate_check_signer(cert->x509_cert);
-#else
n = 128;
gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_MD5, md, &n);
md5_fingerprint = readable_fingerprint(md, (int)n);
/* signature */
sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
-#endif
if (sig_status==NULL)
sig_status = g_strdup(_("Correct"));
gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
g_free(buf);
-#if USE_OPENSSL
- sig_status = ssl_certificate_check_signer(cert->x509_cert);
-#else
sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
-#endif
if (sig_status==NULL)
sig_status = g_strdup(_("Correct"));
gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
g_free(buf);
-#if USE_OPENSSL
- sig_status = ssl_certificate_check_signer(cert->x509_cert);
-#else
sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
-#endif
if (sig_status==NULL)
sig_status = g_strdup(_("Correct"));
gtk_box_pack_start(GTK_BOX(vbox2), label, TRUE, TRUE, 0);
g_free(buf);
-#if USE_OPENSSL
- sig_status = ssl_certificate_check_signer(new_cert->x509_cert);
-#else
sig_status = ssl_certificate_check_signer(new_cert->x509_cert, new_cert->status);
-#endif
if (sig_status==NULL)
sig_status = g_strdup(_("Correct"));
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
-#ifdef USE_OPENSSL
-#include <openssl/ssl.h>
-#include <openssl/objects.h>
-#else
-/* GNUTLS */
-#endif
+#ifdef USE_GNUTLS
#include <glib.h>
#include <gtk/gtk.h>
#include "ssl_certificate.h"
void sslcertwindow_show_cert(SSLCertificate *cert);
void sslcertwindow_register_hook(void);
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
#endif /* __SSL_CERTWINDOW_H__ */
# include <iconv.h>
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
# include "ssl.h"
#endif
#define IMAP4_PORT 143
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#define IMAPS_PORT 993
#endif
const gchar *pass,
const gchar *type);
static gint imap_cmd_noop (IMAPSession *session);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint imap_cmd_starttls (IMAPSession *session);
#endif
static gint imap_cmd_select (IMAPSession *session,
case MAILIMAP_ERROR_SASL:
log_warning(LOG_PROTOCOL, _("IMAP error on %s: SASL error\n"), session_server);
break;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
case MAILIMAP_ERROR_SSL:
log_warning(LOG_PROTOCOL, _("IMAP error on %s: SSL error\n"), session_server);
break;
int r;
int authenticated = FALSE;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
/* FIXME: IMAP over SSL only... */
SSLType ssl_type;
else
#endif
{
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (ssl_type == SSL_TUNNEL) {
r = imap_threaded_connect_ssl(folder,
account->recv_server,
authenticated = FALSE;
}
else {
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (r == MAILIMAP_ERROR_SSL)
log_error(LOG_PROTOCOL, _("SSL handshake failed\n"));
else
session->folder = folder;
IMAP_FOLDER(session->folder)->last_seen_separator = 0;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (account->ssl_imap == SSL_STARTTLS) {
gint ok;
if (!strcmp(type, "LOGIN") && imap_has_capability(session, "LOGINDISABLED")) {
gint ok = MAILIMAP_ERROR_BAD_STATE;
if (imap_has_capability(session, "STARTTLS")) {
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
log_warning(LOG_PROTOCOL, _("Server requires TLS to log in.\n"));
ok = imap_cmd_starttls(session);
if (ok != MAILIMAP_NO_ERROR) {
return MAILIMAP_NO_ERROR;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint imap_cmd_starttls(IMAPSession *session)
{
int r;
g_free(buf);
server = pop3_session->ac_prefs->recv_server;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
port = pop3_session->ac_prefs->set_popport ?
pop3_session->ac_prefs->popport :
pop3_session->ac_prefs->ssl_pop == SSL_TUNNEL ? 995 : 110;
#ifdef HAVE_VALGRIND
#include "valgrind.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
# include "ssl.h"
#endif
static void prefs_filtering_open_cb (GtkAction *action,
gpointer data);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void ssl_manager_open_cb (GtkAction *action,
gpointer data);
#endif
/* {"Tools/---", NULL, "---", NULL, NULL, NULL }, */
{"Tools/Execute", NULL, N_("E_xecute"), "X", NULL, G_CALLBACK(execute_summary_cb) },
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
/* {"Tools/---", NULL, "---", NULL, NULL, NULL }, */
{"Tools/SSLCertificates", NULL, N_("SSL cer_tificates"), NULL, NULL, G_CALLBACK(ssl_manager_open_cb) },
#endif
MENUITEM_ADDUI_MANAGER(mainwin->ui_manager, "/Menu/Tools", "Separator5", "Tools/---", GTK_UI_MANAGER_SEPARATOR)
MENUITEM_ADDUI_MANAGER(mainwin->ui_manager, "/Menu/Tools", "Execute", "Tools/Execute", GTK_UI_MANAGER_MENUITEM)
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
MENUITEM_ADDUI_MANAGER(mainwin->ui_manager, "/Menu/Tools", "Separator6", "Tools/---", GTK_UI_MANAGER_SEPARATOR)
MENUITEM_ADDUI_MANAGER(mainwin->ui_manager, "/Menu/Tools", "SSLCertificates", "Tools/SSLCertificates", GTK_UI_MANAGER_MENUITEM)
#endif
folderview_init(folderview);
summary_init(summaryview);
messageview_init(messageview);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
sslcertwindow_register_hook();
#endif
mainwin->lock_count = 0;
GSList * list = summary_get_selected_msg_list(mainwin->summaryview);
tag_apply_open(list);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void ssl_manager_open_cb(GtkAction *action, gpointer data)
{
MainWindow *mainwin = (MainWindow *)data;
#include "remotefolder.h"
#include "alertpanel.h"
#include "inc.h"
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
# include "ssl.h"
#endif
#define NNTP_PORT 119
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#define NNTPS_PORT 563
#endif
static void news_remove_cached_msg (Folder *folder,
FolderItem *item,
MsgInfo *msginfo);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static Session *news_session_new (Folder *folder,
const gchar *server,
gushort port,
g_free(news_session->group);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static Session *news_session_new(Folder *folder, const gchar *server, gushort port,
const gchar *userid, const gchar *passwd,
SSLType ssl_type)
nntp_init(folder);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (ssl_type != SSL_NONE)
r = nntp_threaded_connect_ssl(folder, server, port);
else
&(ac->session_passwd));
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
port = ac->set_nntpport ? ac->nntpport
: ac->ssl_nntp ? NNTPS_PORT : NNTP_PORT;
session = news_session_new(folder, ac->nntp_server, port, userid, passwd,
static gint pop3_getauth_user_send (Pop3Session *session);
static gint pop3_getauth_pass_send (Pop3Session *session);
static gint pop3_getauth_apop_send (Pop3Session *session);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint pop3_stls_send (Pop3Session *session);
static gint pop3_stls_recv (Pop3Session *session);
#endif
return PS_SUCCESS;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint pop3_stls_send(Pop3Session *session)
{
session->state = POP3_STLS;
}
return PS_SUCCESS;
}
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
static gint pop3_getauth_user_send(Pop3Session *session)
{
ok = PS_ERROR;
} else {
switch (session->state) {
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
case POP3_STLS:
log_error(LOG_PROTOCOL, _("couldn't start TLS session\n"));
ok = PS_ERROR;
case POP3_READY:
case POP3_GREETING:
pop3_greeting_recv(pop3_session, body);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
if (pop3_session->ac_prefs->ssl_pop == SSL_STARTTLS)
val = pop3_stls_send(pop3_session);
else
else
val = pop3_getauth_user_send(pop3_session);
break;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
case POP3_STLS:
if (pop3_stls_recv(pop3_session) != PS_SUCCESS)
return -1;
typedef enum {
POP3_READY,
POP3_GREETING,
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
POP3_STLS,
#endif
POP3_GETAUTH_USER,
static GtkWidget *signature_browse_button;
static GtkWidget *signature_edit_button;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static GtkWidget *entry_in_cert_file;
static GtkWidget *entry_out_cert_file;
static GtkWidget *in_ssl_cert_browse_button;
static ComposePage compose_page;
static TemplatesPage templates_page;
static PrivacyPage privacy_page;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static SSLPage ssl_page;
#endif
static AdvancedPage advanced_page;
};
static PrefParam ssl_param[] = {
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
{"ssl_pop", "0", &tmp_ac_prefs.ssl_pop, P_ENUM,
&ssl_page.pop_nossl_radiobtn,
prefs_account_enum_set_data_from_radiobtn,
{"use_nonblocking_ssl", "1", &tmp_ac_prefs.use_nonblocking_ssl, P_BOOL,
NULL, NULL, NULL},
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
{NULL, NULL, NULL, P_OTHER, NULL, NULL, NULL}
};
static void prefs_account_signature_browse_cb (GtkWidget *widget,
gpointer data);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void prefs_account_in_cert_browse_cb (GtkWidget *widget,
gpointer data);
page->page.widget = vbox1;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#define CREATE_RADIO_BUTTON(box, btn, btn_p, label, data) \
{ \
#undef CREATE_RADIO_BUTTONS
#undef CREATE_RADIO_BUTTON
-#endif /* USE_OPENSSL */
+#endif /* USE_GNUTLS */
static void advanced_create_widget_func(PrefsPage * _page,
GtkWindow * window,
return 0;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gint prefs_ssl_apply(void)
{
prefs_set_data_from_dialog(ssl_param);
/* PrivacyPage *page = (PrivacyPage *) _page; */
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void ssl_destroy_widget_func(PrefsPage *_page)
{
/* SSLPage *page = (SSLPage *) _page; */
return prefs_privacy_apply() >= 0;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static gboolean ssl_can_close_func(PrefsPage *_page)
{
SSLPage *page = (SSLPage *) _page;
cancelled = FALSE;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void ssl_save_func(PrefsPage *_page)
{
SSLPage *page = (SSLPage *) _page;
prefs_account_register_page((PrefsPage *) &privacy_page);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void register_ssl_page(void)
{
static gchar *path[3];
register_compose_page();
register_templates_page();
register_privacy_page();
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
register_ssl_page();
hooks_register_hook(SSLCERT_GET_CLIENT_CERT_HOOKLIST, sslcert_get_client_cert_hook, NULL);
hooks_register_hook(SSL_CERT_GET_PASSWORD, sslcert_get_password, NULL);
g_free(utf8_filename);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void prefs_account_in_cert_browse_cb(GtkWidget *widget, gpointer data)
{
gchar *filename;
FALSE);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(ssl_page.pop_frame);
gtk_widget_hide(ssl_page.imap_frame);
gtk_widget_show(ssl_page.nntp_frame);
TRUE);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(ssl_page.pop_frame);
gtk_widget_hide(ssl_page.imap_frame);
gtk_widget_hide(ssl_page.nntp_frame);
FALSE);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(ssl_page.pop_frame);
gtk_widget_show(ssl_page.imap_frame);
gtk_widget_hide(ssl_page.nntp_frame);
gtk_toggle_button_set_active
(GTK_TOGGLE_BUTTON(receive_page.recvatgetall_checkbtn), FALSE);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(ssl_page.pop_frame);
gtk_widget_hide(ssl_page.imap_frame);
gtk_widget_hide(ssl_page.nntp_frame);
TRUE);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_show(ssl_page.pop_frame);
gtk_widget_hide(ssl_page.imap_frame);
gtk_widget_hide(ssl_page.nntp_frame);
smtp_session->pass = NULL;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
port = ac_prefs->set_smtpport ? ac_prefs->smtpport :
ac_prefs->ssl_smtp == SSL_TUNNEL ? SSMTP_PORT : SMTP_PORT;
session->ssl_type = ac_prefs->ssl_smtp;
#include "prefs_account.h"
#define SMTP_PORT 25
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#define SSMTP_PORT 465
#endif
# include "config.h"
#endif
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#include <gtk/gtk.h>
#include <glib.h>
#include <glib/gi18n.h>
#ifndef SSL_MANAGER_H
#define SSL_MANAGER_H
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#include "mainwindow.h"
void ssl_manager_create (void);
#include "folder.h"
#include "alertpanel.h"
#include "filesel.h"
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
#include "ssl.h"
#endif
#include "prefs_common.h"
GtkWidget *recv_imap_subdir;
GtkWidget *subsonly_checkbtn;
GtkWidget *no_imap_warning;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
GtkWidget *smtp_use_ssl;
GtkWidget *recv_use_ssl;
GtkWidget *smtp_use_tls;
GList *account_list = NULL;
gchar *smtp_server, *recv_server;
gint smtp_port, recv_port;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
SSLType smtp_ssl_type, recv_ssl_type;
#endif
prefs_account->use_smtp_auth = TRUE;
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
smtp_ssl_type = SSL_NONE;
recv_ssl_type = SSL_NONE;
gtk_widget_set_sensitive(wizard->smtp_password_label, do_auth);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
static void cert_browse_cb(GtkWidget *widget, gpointer data)
{
GtkEntry *dest = GTK_ENTRY(data);
GtkWidget *table = gtk_table_new(1, 1, FALSE);
GtkWidget *vbox;
GtkWidget *hbox;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
GtkWidget *label;
GtkWidget *button;
GtkWidget *smtp_cert_table;
gtk_misc_set_alignment(GTK_MISC(wizard->smtp_password_label), 1, 0.5);
gtk_box_pack_start(GTK_BOX(hbox), wizard->smtp_password_label, FALSE, FALSE, 0);
gtk_box_pack_start(GTK_BOX(hbox), wizard->smtp_password, TRUE, TRUE, 0);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
hbox = gtk_hbox_new(FALSE, VSPACING_NARROW);
gtk_box_pack_start (GTK_BOX(vbox), hbox, FALSE, FALSE, 0);
wizard->smtp_use_ssl = gtk_check_button_new_with_label(
gtk_widget_show(wizard->recv_username_label);
gtk_widget_show(wizard->recv_password_label);
gtk_widget_hide(wizard->no_imap_warning);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_show(wizard->recv_use_ssl);
gtk_widget_show(wizard->recv_use_tls);
gtk_widget_show(wizard->recv_cert_table);
gtk_widget_show(wizard->recv_username_label);
gtk_widget_show(wizard->recv_password_label);
gtk_widget_hide(wizard->no_imap_warning);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_show(wizard->recv_use_ssl);
gtk_widget_show(wizard->recv_use_tls);
gtk_widget_show(wizard->recv_cert_table);
gtk_widget_hide(wizard->mailbox_label);
gtk_widget_hide(wizard->mailbox_name);
}
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(wizard->recv_use_ssl);
gtk_widget_hide(wizard->recv_use_tls);
gtk_widget_hide(wizard->recv_cert_table);
gtk_widget_hide(wizard->recv_password);
gtk_widget_hide(wizard->recv_username_label);
gtk_widget_hide(wizard->recv_password_label);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
gtk_widget_hide(wizard->recv_use_ssl);
gtk_widget_hide(wizard->recv_use_tls);
gtk_widget_hide(wizard->recv_cert_table);
GtkWidget *table = gtk_table_new(1,1, FALSE);
GtkWidget *vbox;
GtkWidget *hbox;
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
GtkWidget *label;
GtkWidget *button;
GtkWidget *recv_cert_table;
gtk_box_pack_start(GTK_BOX(hbox), wizard->recv_password_label, FALSE, FALSE, 0);
gtk_box_pack_start(GTK_BOX(hbox), wizard->recv_password, TRUE, TRUE, 0);
-#if (defined(USE_OPENSSL) || defined (USE_GNUTLS))
+#ifdef USE_GNUTLS
hbox = gtk_hbox_new(FALSE, VSPACING_NARROW);
gtk_box_pack_start (GTK_BOX(vbox), hbox, FALSE, FALSE, 0);
wizard->recv_use_ssl = gtk_check_button_new_with_label(