projects
/
apps
/
madmutt.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
add more encoding arrays
[apps/madmutt.git]
/
mutt_ssl_gnutls.c
diff --git
a/mutt_ssl_gnutls.c
b/mutt_ssl_gnutls.c
index
5bf6b5a
..
61a2da8
100644
(file)
--- a/
mutt_ssl_gnutls.c
+++ b/
mutt_ssl_gnutls.c
@@
-12,21
+12,26
@@
# include "config.h"
#endif
# include "config.h"
#endif
+#ifdef USE_GNUTLS
+
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#ifdef HAVE_GNUTLS_OPENSSL_H
#include <gnutls/openssl.h>
#endif
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#ifdef HAVE_GNUTLS_OPENSSL_H
#include <gnutls/openssl.h>
#endif
+#include <lib-lib/mem.h>
+#include <lib-lib/str.h>
+#include <lib-lib/macros.h>
+#include <lib-lib/file.h>
+
#include "mutt.h"
#include "mutt_socket.h"
#include "mutt_curses.h"
#include "mutt_menu.h"
#include "mutt_ssl.h"
#include "mutt.h"
#include "mutt_socket.h"
#include "mutt_curses.h"
#include "mutt_menu.h"
#include "mutt_ssl.h"
-#include "mutt_regex.h"
-#include "lib/mem.h"
-#include "lib/intl.h"
+#include "lib/rx.h"
typedef struct _tlssockdata {
gnutls_session state;
typedef struct _tlssockdata {
gnutls_session state;
@@
-55,7
+60,7
@@
static int tls_init (void)
err = gnutls_global_init ();
if (err < 0) {
err = gnutls_global_init ();
if (err < 0) {
- mutt_error (
"gnutls_global_init: %s"
, gnutls_strerror (err));
+ mutt_error (
_("gnutls_global_init: %s")
, gnutls_strerror (err));
mutt_sleep (2);
return -1;
}
mutt_sleep (2);
return -1;
}
@@
-64,7
+69,7
@@
static int tls_init (void)
return 0;
}
return 0;
}
-int mutt_
gnutls
_socket_setup (CONNECTION * conn)
+int mutt_
ssl
_socket_setup (CONNECTION * conn)
{
if (tls_init () < 0)
return -1;
{
if (tls_init () < 0)
return -1;
@@
-83,14
+88,14
@@
static int tls_socket_read (CONNECTION * conn, char *buf, size_t len)
int ret;
if (!data) {
int ret;
if (!data) {
- mutt_error (
"Error: no TLS socket open"
);
+ mutt_error (
_("Error: no TLS socket open")
);
mutt_sleep (2);
return -1;
}
ret = gnutls_record_recv (data->state, buf, len);
if (gnutls_error_is_fatal (ret) == 1) {
mutt_sleep (2);
return -1;
}
ret = gnutls_record_recv (data->state, buf, len);
if (gnutls_error_is_fatal (ret) == 1) {
- mutt_error (
"tls_socket_read (%s)"
, gnutls_strerror (ret));
+ mutt_error (
_("tls_socket_read (%s)")
, gnutls_strerror (ret));
mutt_sleep (4);
return -1;
}
mutt_sleep (4);
return -1;
}
@@
-103,14
+108,14
@@
static int tls_socket_write (CONNECTION * conn, const char *buf, size_t len)
int ret;
if (!data) {
int ret;
if (!data) {
- mutt_error (
"Error: no TLS socket open"
);
+ mutt_error (
_("Error: no TLS socket open")
);
mutt_sleep (2);
return -1;
}
ret = gnutls_record_send (data->state, buf, len);
if (gnutls_error_is_fatal (ret) == 1) {
mutt_sleep (2);
return -1;
}
ret = gnutls_record_send (data->state, buf, len);
if (gnutls_error_is_fatal (ret) == 1) {
- mutt_error (
"tls_socket_write (%s)"
, gnutls_strerror (ret));
+ mutt_error (
_("tls_socket_write (%s)")
, gnutls_strerror (ret));
mutt_sleep (4);
return -1;
}
mutt_sleep (4);
return -1;
}
@@
-130,7
+135,7
@@
static int tls_socket_open (CONNECTION * conn)
return 0;
}
return 0;
}
-int mutt_
gnutls
_starttls (CONNECTION * conn)
+int mutt_
ssl
_starttls (CONNECTION * conn)
{
if (tls_init () < 0)
return -1;
{
if (tls_init () < 0)
return -1;
@@
-154,12
+159,12
@@
static int tls_negotiate (CONNECTION * conn)
tlssockdata *data;
int err;
tlssockdata *data;
int err;
- data =
(tlssockdata *) safe_calloc (1, sizeof (tlssockdata)
);
+ data =
p_new(tlssockdata, 1
);
conn->sockdata = data;
err = gnutls_certificate_allocate_credentials (&data->xcred);
if (err < 0) {
conn->sockdata = data;
err = gnutls_certificate_allocate_credentials (&data->xcred);
if (err < 0) {
-
FREE
(&conn->sockdata);
- mutt_error (
"gnutls_certificate_allocate_credentials: %s"
,
+
p_delete
(&conn->sockdata);
+ mutt_error (
_("gnutls_certificate_allocate_credentials: %s")
,
gnutls_strerror (err));
mutt_sleep (2);
return -1;
gnutls_strerror (err));
mutt_sleep (2);
return -1;
@@
-224,11
+229,11
@@
static int tls_negotiate (CONNECTION * conn)
}
if (err < 0) {
if (err == GNUTLS_E_FATAL_ALERT_RECEIVED) {
}
if (err < 0) {
if (err == GNUTLS_E_FATAL_ALERT_RECEIVED) {
- mutt_error (
"gnutls_handshake: %s(%s)"
, gnutls_strerror (err),
+ mutt_error (
_("gnutls_handshake: %s(%s)")
, gnutls_strerror (err),
gnutls_alert_get_name (gnutls_alert_get (data->state)));
}
else {
gnutls_alert_get_name (gnutls_alert_get (data->state)));
}
else {
- mutt_error (
"gnutls_handshake: %s"
, gnutls_strerror (err));
+ mutt_error (
_("gnutls_handshake: %s")
, gnutls_strerror (err));
}
mutt_sleep (2);
goto fail;
}
mutt_sleep (2);
goto fail;
@@
-255,7
+260,7
@@
static int tls_negotiate (CONNECTION * conn)
fail:
gnutls_certificate_free_credentials (data->xcred);
gnutls_deinit (data->state);
fail:
gnutls_certificate_free_credentials (data->xcred);
gnutls_deinit (data->state);
-
FREE
(&conn->sockdata);
+
p_delete
(&conn->sockdata);
return -1;
}
return -1;
}
@@
-268,7
+273,7
@@
static int tls_socket_close (CONNECTION * conn)
gnutls_certificate_free_credentials (data->xcred);
gnutls_deinit (data->state);
gnutls_certificate_free_credentials (data->xcred);
gnutls_deinit (data->state);
-
safe_free ((void **)
&conn->sockdata);
+
p_delete(
&conn->sockdata);
}
return raw_socket_close (conn);
}
return raw_socket_close (conn);
@@
-303,7
+308,7
@@
static int tls_compare_certificates (const gnutls_datum * peercert)
return 0;
b64_data.size = filestat.st_size + 1;
return 0;
b64_data.size = filestat.st_size + 1;
- b64_data_data =
(unsigned char *) safe_calloc (1
, b64_data.size);
+ b64_data_data =
p_new(unsigned char
, b64_data.size);
b64_data_data[b64_data.size - 1] = '\0';
b64_data.data = b64_data_data;
b64_data_data[b64_data.size - 1] = '\0';
b64_data.data = b64_data_data;
@@
-318,12
+323,12
@@
static int tls_compare_certificates (const gnutls_datum * peercert)
do {
ret = gnutls_pem_base64_decode_alloc (NULL, &b64_data, &cert);
if (ret != 0) {
do {
ret = gnutls_pem_base64_decode_alloc (NULL, &b64_data, &cert);
if (ret != 0) {
-
FREE
(&b64_data_data);
+
p_delete
(&b64_data_data);
return 0;
}
return 0;
}
- ptr = (unsigned char *) strstr (b64_data.data, CERT_SEP) + 1;
- ptr = (unsigned char *) strstr (ptr, CERT_SEP);
+ ptr = (unsigned char *) strstr (
(char*)
b64_data.data, CERT_SEP) + 1;
+ ptr = (unsigned char *) strstr (
(char*)
ptr, CERT_SEP);
b64_data.size = b64_data.size - (ptr - b64_data.data);
b64_data.data = ptr;
b64_data.size = b64_data.size - (ptr - b64_data.data);
b64_data.data = ptr;
@@
-332,7
+337,7
@@
static int tls_compare_certificates (const gnutls_datum * peercert)
if (memcmp (cert.data, peercert->data, cert.size) == 0) {
/* match found */
gnutls_free (cert.data);
if (memcmp (cert.data, peercert->data, cert.size) == 0) {
/* match found */
gnutls_free (cert.data);
-
FREE
(&b64_data_data);
+
p_delete
(&b64_data_data);
return 1;
}
}
return 1;
}
}
@@
-341,7
+346,7
@@
static int tls_compare_certificates (const gnutls_datum * peercert)
} while (ptr != NULL);
/* no match found */
} while (ptr != NULL);
/* no match found */
-
FREE
(&b64_data_data);
+
p_delete
(&b64_data_data);
return 0;
}
return 0;
}
@@
-377,7
+382,7
@@
static char *tls_make_date (time_t t, char *s, size_t len)
Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon],
l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec);
else
Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon],
l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec);
else
-
strfcpy (s, _("[invalid date]"), len
);
+
m_strcpy(s, len, _("[invalid date]")
);
return (s);
}
return (s);
}
@@
-411,10
+416,10
@@
static int tls_check_stored_hostname (const gnutls_datum * cert,
if (regexec (&preg, linestr, 3, pmatch, 0) == 0) {
linestr[pmatch[1].rm_eo] = '\0';
linestr[pmatch[2].rm_eo] = '\0';
if (regexec (&preg, linestr, 3, pmatch, 0) == 0) {
linestr[pmatch[1].rm_eo] = '\0';
linestr[pmatch[2].rm_eo] = '\0';
- if (
strcmp
(linestr + pmatch[1].rm_so, hostname) == 0 &&
-
strcmp
(linestr + pmatch[2].rm_so, buf) == 0) {
+ if (
m_strcmp
(linestr + pmatch[1].rm_so, hostname) == 0 &&
+
m_strcmp
(linestr + pmatch[2].rm_so, buf) == 0) {
regfree (&preg);
regfree (&preg);
-
safe_free ((void **)
&linestr);
+
p_delete(
&linestr);
fclose (fp);
return 1;
}
fclose (fp);
return 1;
}
@@
-448,10
+453,9
@@
static int tls_check_certificate (CONNECTION * conn)
MUTTMENU *menu;
int done, row, i, ret;
FILE *fp;
MUTTMENU *menu;
int done, row, i, ret;
FILE *fp;
- gnutls_x509_dn dn;
time_t t;
const gnutls_datum *cert_list;
time_t t;
const gnutls_datum *cert_list;
- int cert_list_size = 0;
+
unsigned
int cert_list_size = 0;
gnutls_certificate_status certstat;
char datestr[30];
gnutls_x509_crt cert;
gnutls_certificate_status certstat;
char datestr[30];
gnutls_x509_crt cert;
@@
-485,7
+489,7
@@
static int tls_check_certificate (CONNECTION * conn)
/* We only support X.509 certificates (not OpenPGP) at the moment */
if (gnutls_certificate_type_get (state) != GNUTLS_CRT_X509) {
/* We only support X.509 certificates (not OpenPGP) at the moment */
if (gnutls_certificate_type_get (state) != GNUTLS_CRT_X509) {
- mutt_error (_("
Error c
ertificate is not X.509"));
+ mutt_error (_("
C
ertificate is not X.509"));
mutt_sleep (2);
return 0;
}
mutt_sleep (2);
return 0;
}
@@
-583,13
+587,13
@@
static int tls_check_certificate (CONNECTION * conn)
/* interactive check from user */
menu = mutt_new_menu ();
menu->max = 25;
/* interactive check from user */
menu = mutt_new_menu ();
menu->max = 25;
- menu->dialog =
(char **) safe_calloc (1, menu->max * sizeof (char *)
);
+ menu->dialog =
p_new(char*, menu->max
);
for (i = 0; i < menu->max; i++)
for (i = 0; i < menu->max; i++)
- menu->dialog[i] =
(char *) safe_calloc (1, SHORT_STRING * sizeof (char)
);
+ menu->dialog[i] =
p_new(char, SHORT_STRING
);
row = 0;
row = 0;
-
strfcpy (menu->dialog[row], _("This certificate belongs to:")
,
-
SHORT_STRING
);
+
m_strcpy(menu->dialog[row], SHORT_STRING
,
+
_("This certificate belongs to:")
);
row++;
buflen = sizeof (dn_common_name);
row++;
buflen = sizeof (dn_common_name);
@@
-633,8
+637,8
@@
static int tls_check_certificate (CONNECTION * conn)
dn_province, dn_country);
row++;
dn_province, dn_country);
row++;
-
strfcpy (menu->dialog[row], _("This certificate was issued by:")
,
-
SHORT_STRING
);
+
m_strcpy(menu->dialog[row], SHORT_STRING
,
+
_("This certificate was issued by:")
);
row++;
buflen = sizeof (dn_common_name);
row++;
buflen = sizeof (dn_common_name);
@@
-700,30
+704,28
@@
static int tls_check_certificate (CONNECTION * conn)
if (certerr_notyetvalid) {
row++;
if (certerr_notyetvalid) {
row++;
-
strfcpy (menu->dialog[row]
,
- _("WARNING: Server certificate is not yet valid")
, SHORT_STRING
);
+
m_strcpy(menu->dialog[row], SHORT_STRING
,
+ _("WARNING: Server certificate is not yet valid"));
}
if (certerr_expired) {
row++;
}
if (certerr_expired) {
row++;
-
strfcpy (menu->dialog[row], _("WARNING: Server certificate has expired")
,
-
SHORT_STRING
);
+
m_strcpy(menu->dialog[row], SHORT_STRING
,
+
_("WARNING: Server certificate has expired")
);
}
if (certerr_revoked) {
row++;
}
if (certerr_revoked) {
row++;
-
strfcpy (menu->dialog[row]
,
- _("WARNING: Server certificate has been revoked")
, SHORT_STRING
);
+
m_strcpy(menu->dialog[row], SHORT_STRING
,
+ _("WARNING: Server certificate has been revoked"));
}
if (certerr_hostname) {
row++;
}
if (certerr_hostname) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Server hostname does not match certificate"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Server hostname does not match certificate"));
}
if (certerr_signernotca) {
row++;
}
if (certerr_signernotca) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Signer of server certificate is not a CA"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Signer of server certificate is not a CA"));
}
menu->title = _("TLS/SSL Certificate check");
}
menu->title = _("TLS/SSL Certificate check");
@@
-747,6
+749,7
@@
static int tls_check_certificate (CONNECTION * conn)
menu->help = helpstr;
done = 0;
menu->help = helpstr;
done = 0;
+ set_option (OPTUNBUFFEREDINPUT);
while (!done) {
switch (mutt_menuLoop (menu)) {
case -1: /* abort */
while (!done) {
switch (mutt_menuLoop (menu)) {
case -1: /* abort */
@@
-789,7
+792,10
@@
static int tls_check_certificate (CONNECTION * conn)
break;
}
}
break;
}
}
+ unset_option (OPTUNBUFFEREDINPUT);
mutt_menuDestroy (&menu);
gnutls_x509_crt_deinit (cert);
return (done == 2);
}
mutt_menuDestroy (&menu);
gnutls_x509_crt_deinit (cert);
return (done == 2);
}
+
+#endif /* USE_GNUTLS */