aboutsummaryrefslogtreecommitdiffstats
path: root/camel/camel-tcp-stream-ssl.c
diff options
context:
space:
mode:
authorJeffrey Stedfast <fejj@ximian.com>2001-03-17 07:02:04 +0800
committerJeffrey Stedfast <fejj@src.gnome.org>2001-03-17 07:02:04 +0800
commita9df5de4af55791e4d4aeb3533bcc715e28c1512 (patch)
tree0b9faa4b152a9c3589226000c9e4fb01620f3225 /camel/camel-tcp-stream-ssl.c
parent13afe783505cb99b902ec4b29c46fb14ec8006f0 (diff)
downloadgsoc2013-evolution-a9df5de4af55791e4d4aeb3533bcc715e28c1512.tar.gz
gsoc2013-evolution-a9df5de4af55791e4d4aeb3533bcc715e28c1512.tar.zst
gsoc2013-evolution-a9df5de4af55791e4d4aeb3533bcc715e28c1512.zip
Print info about the issuer of the certificate.
2001-03-16 Jeffrey Stedfast <fejj@ximian.com> * camel-tcp-stream-ssl.c (ssl_bad_cert): Print info about the issuer of the certificate. * providers/smtp/camel-smtp-transport.c (smtp_connect): Use camel_tcp_stream_get_socket(). * camel-tcp-stream-openssl.c (stream_get_socket): Implemented. * camel-tcp-stream-ssl.c (stream_get_socket): Implemented. * camel-tcp-stream-raw.c (stream_get_socket): Implemented. * camel-tcp-stream.c (camel_tcp_stream_get_socket): New function. svn path=/trunk/; revision=8764
Diffstat (limited to 'camel/camel-tcp-stream-ssl.c')
-rw-r--r--camel/camel-tcp-stream-ssl.c79
1 files changed, 54 insertions, 25 deletions
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 332234291c..8aa4080660 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -32,6 +32,7 @@
#include <fcntl.h>
#include <errno.h>
#include <string.h>
+
#include <nspr.h>
#include <prio.h>
#include <prerror.h>
@@ -52,7 +53,14 @@ static int stream_close (CamelStream *stream);
static int stream_connect (CamelTcpStream *stream, struct hostent *host, int port);
static int stream_getsockopt (CamelTcpStream *stream, CamelSockOptData *data);
static int stream_setsockopt (CamelTcpStream *stream, const CamelSockOptData *data);
+static gpointer stream_get_socket (CamelTcpStream *stream);
+struct _CamelTcpStreamSSLPrivate {
+ PRFileDesc *sockfd;
+
+ CamelService *service;
+ char *expected_host;
+};
static void
camel_tcp_stream_ssl_class_init (CamelTcpStreamSSLClass *camel_tcp_stream_ssl_class)
@@ -73,6 +81,7 @@ camel_tcp_stream_ssl_class_init (CamelTcpStreamSSLClass *camel_tcp_stream_ssl_cl
camel_tcp_stream_class->connect = stream_connect;
camel_tcp_stream_class->getsockopt = stream_getsockopt;
camel_tcp_stream_class->setsockopt = stream_setsockopt;
+ camel_tcp_stream_class->get_socket = stream_get_socket;
}
static void
@@ -80,9 +89,7 @@ camel_tcp_stream_ssl_init (gpointer object, gpointer klass)
{
CamelTcpStreamSSL *stream = CAMEL_TCP_STREAM_SSL (object);
- stream->sockfd = NULL;
- stream->service = NULL;
- stream->expected_host = NULL;
+ stream->priv = g_new0 (struct _CamelTcpStreamSSLPrivate, 1);
}
static void
@@ -90,10 +97,12 @@ camel_tcp_stream_ssl_finalize (CamelObject *object)
{
CamelTcpStreamSSL *stream = CAMEL_TCP_STREAM_SSL (object);
- if (stream->sockfd != NULL)
- PR_Close (stream->sockfd);
+ if (stream->priv->sockfd != NULL)
+ PR_Close (stream->priv->sockfd);
- g_free (stream->expected_host);
+ g_free (stream->priv->expected_host);
+
+ g_free (stream->priv);
}
@@ -134,8 +143,8 @@ camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host)
stream = CAMEL_TCP_STREAM_SSL (camel_object_new (camel_tcp_stream_ssl_get_type ()));
- stream->service = service;
- stream->expected_host = g_strdup (expected_host);
+ stream->priv->service = service;
+ stream->priv->expected_host = g_strdup (expected_host);
return CAMEL_STREAM (stream);
}
@@ -164,7 +173,7 @@ stream_read (CamelStream *stream, char *buffer, size_t n)
ssize_t nread;
do {
- nread = PR_Read (tcp_stream_ssl->sockfd, buffer, n);
+ nread = PR_Read (tcp_stream_ssl->priv->sockfd, buffer, n);
} while (nread == -1 && PR_GetError () == PR_PENDING_INTERRUPT_ERROR);
if (nread == -1)
@@ -180,7 +189,7 @@ stream_write (CamelStream *stream, const char *buffer, size_t n)
ssize_t written = 0;
do {
- written = PR_Write (tcp_stream_ssl->sockfd, buffer, n);
+ written = PR_Write (tcp_stream_ssl->priv->sockfd, buffer, n);
} while (written == -1 && PR_GetError () == PR_PENDING_INTERRUPT_ERROR);
if (written == -1)
@@ -192,16 +201,16 @@ stream_write (CamelStream *stream, const char *buffer, size_t n)
static int
stream_flush (CamelStream *stream)
{
- return PR_Sync (((CamelTcpStreamSSL *)stream)->sockfd);
+ return PR_Sync (((CamelTcpStreamSSL *)stream)->priv->sockfd);
}
static int
stream_close (CamelStream *stream)
{
- if (PR_Close (((CamelTcpStreamSSL *)stream)->sockfd) == PR_FAILURE)
+ if (PR_Close (((CamelTcpStreamSSL *)stream)->priv->sockfd) == PR_FAILURE)
return -1;
- ((CamelTcpStreamSSL *)stream)->sockfd = NULL;
+ ((CamelTcpStreamSSL *)stream)->priv->sockfd = NULL;
return 0;
}
@@ -322,8 +331,9 @@ ssl_auth_cert (void *data, PRFileDesc *sockfd, PRBool checksig, PRBool is_server
static SECStatus
ssl_bad_cert (void *data, PRFileDesc *sockfd)
{
+ CERTCertificate *cert;
CamelService *service;
- char *prompt, *err;
+ char *prompt, *cert_str;
gpointer accept;
PRUint32 len;
@@ -332,14 +342,27 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
service = CAMEL_SERVICE (data);
- len = PR_GetErrorTextLength ();
- err = g_malloc0 (len + 1);
- PR_GetErrorText (err);
+ cert = SSL_PeerCertificate (sockfd);
+
+ cert_str = g_strdup_printf (_("EMail: %s\n"
+ "Common Name: %s\n"
+ "Organization Unit: %s\n"
+ "Organization: %s\n"
+ "Locality: %s\n"
+ "State: %s\n"
+ "Country: %s"),
+ cert->emailAddr ? cert->emailAddr : "",
+ CERT_GetCommonName (&cert->issuer) ? CERT_GetCommonName (&cert->issuer) : "",
+ CERT_GetOrgUnitName (&cert->issuer) ? CERT_GetOrgUnitName (&cert->issuer) : "",
+ CERT_GetOrgName (&cert->issuer) ? CERT_GetOrgName (&cert->issuer) : "",
+ CERT_GetLocalityName (&cert->issuer) ? CERT_GetLocalityName (&cert->issuer) : "",
+ CERT_GetStateName (&cert->issuer) ? CERT_GetStateName (&cert->issuer) : "",
+ CERT_GetCountryName (&cert->issuer) ? CERT_GetCountryName (&cert->issuer) : "");
/* construct our user prompt */
- prompt = g_strdup_printf (_("Bad certificate from %s:%s\n\nDo you wish to accept anyway?"),
- service->url->host, err);
- g_free (err);
+ prompt = g_strdup_printf (_("Bad certificate from %s:\n\n%s\n\nDo you wish to accept anyway?"),
+ service->url->host, cert_str);
+ g_free (cert_str);
/* query the user to find out if we want to accept this certificate */
accept = camel_session_query_authenticator (service->session, CAMEL_AUTHENTICATOR_ACCEPT,
@@ -372,7 +395,7 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
fd = PR_OpenTCPSocket (host->h_addrtype);
ssl_fd = SSL_ImportFD (NULL, fd);
- SSL_SetURL (ssl_fd, ssl->expected_host);
+ SSL_SetURL (ssl_fd, ssl->priv->expected_host);
if (ssl_fd == NULL || PR_Connect (ssl_fd, &netaddr, timeout) == PR_FAILURE) {
if (ssl_fd != NULL)
@@ -383,9 +406,9 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
/*SSL_GetClientAuthDataHook (sslSocket, ssl_get_client_auth, (void *)certNickname);*/
/*SSL_AuthCertificateHook (ssl_fd, ssl_auth_cert, (void *) CERT_GetDefaultCertDB ());*/
- SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl->service);
+ SSL_BadCertHook (ssl_fd, ssl_bad_cert, ssl->priv->service);
- ssl->sockfd = ssl_fd;
+ ssl->priv->sockfd = ssl_fd;
return 0;
}
@@ -399,7 +422,7 @@ stream_getsockopt (CamelTcpStream *stream, CamelSockOptData *data)
memset ((void *) &sodata, 0, sizeof (sodata));
memcpy ((void *) &sodata, (void *) data, sizeof (CamelSockOptData));
- if (PR_GetSocketOption (((CamelTcpStreamSSL *)stream)->sockfd, &sodata) == PR_FAILURE)
+ if (PR_GetSocketOption (((CamelTcpStreamSSL *)stream)->priv->sockfd, &sodata) == PR_FAILURE)
return -1;
memcpy ((void *) data, (void *) &sodata, sizeof (CamelSockOptData));
@@ -415,10 +438,16 @@ stream_setsockopt (CamelTcpStream *stream, const CamelSockOptData *data)
memset ((void *) &sodata, 0, sizeof (sodata));
memcpy ((void *) &sodata, (void *) data, sizeof (CamelSockOptData));
- if (PR_SetSocketOption (((CamelTcpStreamSSL *)stream)->sockfd, &sodata) == PR_FAILURE)
+ if (PR_SetSocketOption (((CamelTcpStreamSSL *)stream)->priv->sockfd, &sodata) == PR_FAILURE)
return -1;
return 0;
}
+static gpointer
+stream_get_socket (CamelTcpStream *stream)
+{
+ return (gpointer) CAMEL_TCP_STREAM_SSL (stream)->priv->sockfd;
+}
+
#endif /* HAVE_NSS */