X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=mutt_ssl_gnutls.c;h=93820544557dcf89e65e4ab75a5fee18777b3073;hb=201fd8633cc86ccda413c919ae6e2ae04e89b4a9;hp=134828bf86a81faf150661bcf6ee98a493da7738;hpb=617e7d83d14e14e6a520a48e75437211b16c8834;p=apps%2Fmadmutt.git

diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c
index 134828b..9382054 100644
--- a/mutt_ssl_gnutls.c
+++ b/mutt_ssl_gnutls.c
@@ -21,15 +21,17 @@
 #endif
 
 #include <lib-lib/mem.h>
+#include <lib-lib/str.h>
+#include <lib-lib/macros.h>
+#include <lib-lib/file.h>
+
+#include <lib-ui/curses.h>
+#include <lib-ui/menu.h>
 
 #include "mutt.h"
 #include "mutt_socket.h"
-#include "mutt_curses.h"
-#include "mutt_menu.h"
 #include "mutt_ssl.h"
 
-#include "lib/str.h"
-#include "lib/intl.h"
 #include "lib/rx.h"
 
 typedef struct _tlssockdata {
@@ -186,7 +188,7 @@ static int tls_negotiate (CONNECTION * conn)
   gnutls_init (&data->state, GNUTLS_CLIENT);
 
   /* set socket */
-  gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr) conn->fd);
+  gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)(intptr_t)conn->fd);
 
   /* disable TLS/SSL protocols as needed */
   if (!option (OPTTLSV1) && !option (OPTSSLV3)) {
@@ -381,7 +383,7 @@ static char *tls_make_date (time_t t, char *s, size_t len)
               Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon],
               l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec);
   else
-    strfcpy (s, _("[invalid date]"), len);
+    m_strcpy(s, len, _("[invalid date]"));
 
   return (s);
 }
@@ -415,8 +417,8 @@ static int tls_check_stored_hostname (const gnutls_datum * cert,
         if (regexec (&preg, linestr, 3, pmatch, 0) == 0) {
           linestr[pmatch[1].rm_eo] = '\0';
           linestr[pmatch[2].rm_eo] = '\0';
-          if (str_cmp (linestr + pmatch[1].rm_so, hostname) == 0 &&
-              str_cmp (linestr + pmatch[2].rm_so, buf) == 0) {
+          if (m_strcmp(linestr + pmatch[1].rm_so, hostname) == 0 &&
+              m_strcmp(linestr + pmatch[2].rm_so, buf) == 0) {
             regfree (&preg);
             p_delete(&linestr);
             fclose (fp);
@@ -455,7 +457,7 @@ static int tls_check_certificate (CONNECTION * conn)
   time_t t;
   const gnutls_datum *cert_list;
   unsigned int cert_list_size = 0;
-  gnutls_certificate_status certstat;
+  gnutls_certificate_status_t certstat;
   char datestr[30];
   gnutls_x509_crt cert;
   gnutls_datum pemdata;
@@ -472,18 +474,11 @@ static int tls_check_certificate (CONNECTION * conn)
     return 0;
   }
 
-  certstat = gnutls_certificate_verify_peers (state);
-
-  if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND) {
-    mutt_error (_("Unable to get certificate from peer"));
-    mutt_sleep (2);
-    return 0;
-  }
-  if (certstat < 0) {
-    mutt_error (_("Certificate verification error (%s)"),
-                gnutls_strerror (certstat));
-    mutt_sleep (2);
-    return 0;
+  if (gnutls_certificate_verify_peers2(state, &certstat) < 0) {
+      mutt_error (_("Certificate verification error (%s)"),
+                  gnutls_strerror(certstat));
+      mutt_sleep (2);
+      return 0;
   }
 
   /* We only support X.509 certificates (not OpenPGP) at the moment */
@@ -591,8 +586,8 @@ static int tls_check_certificate (CONNECTION * conn)
     menu->dialog[i] = p_new(char, SHORT_STRING);
 
   row = 0;
-  strfcpy (menu->dialog[row], _("This certificate belongs to:"),
-           SHORT_STRING);
+  m_strcpy(menu->dialog[row], SHORT_STRING,
+           _("This certificate belongs to:"));
   row++;
 
   buflen = sizeof (dn_common_name);
@@ -636,8 +631,8 @@ static int tls_check_certificate (CONNECTION * conn)
             dn_province, dn_country);
   row++;
 
-  strfcpy (menu->dialog[row], _("This certificate was issued by:"),
-           SHORT_STRING);
+  m_strcpy(menu->dialog[row], SHORT_STRING,
+           _("This certificate was issued by:"));
   row++;
 
   buflen = sizeof (dn_common_name);
@@ -703,30 +698,28 @@ static int tls_check_certificate (CONNECTION * conn)
 
   if (certerr_notyetvalid) {
     row++;
-    strfcpy (menu->dialog[row],
-             _("WARNING: Server certificate is not yet valid"), SHORT_STRING);
+    m_strcpy(menu->dialog[row], SHORT_STRING,
+             _("WARNING: Server certificate is not yet valid"));
   }
   if (certerr_expired) {
     row++;
-    strfcpy (menu->dialog[row], _("WARNING: Server certificate has expired"),
-             SHORT_STRING);
+    m_strcpy(menu->dialog[row], SHORT_STRING,
+             _("WARNING: Server certificate has expired"));
   }
   if (certerr_revoked) {
     row++;
-    strfcpy (menu->dialog[row],
-             _("WARNING: Server certificate has been revoked"), SHORT_STRING);
+    m_strcpy(menu->dialog[row], SHORT_STRING,
+             _("WARNING: Server certificate has been revoked"));
   }
   if (certerr_hostname) {
     row++;
-    strfcpy (menu->dialog[row],
-             _("WARNING: Server hostname does not match certificate"),
-             SHORT_STRING);
+    m_strcpy(menu->dialog[row], SHORT_STRING,
+             _("WARNING: Server hostname does not match certificate"));
   }
   if (certerr_signernotca) {
     row++;
-    strfcpy (menu->dialog[row],
-             _("WARNING: Signer of server certificate is not a CA"),
-             SHORT_STRING);
+    m_strcpy(menu->dialog[row], SHORT_STRING,
+             _("WARNING: Signer of server certificate is not a CA"));
   }
 
   menu->title = _("TLS/SSL Certificate check");