#include <lib-lib/mem.h>
#include <lib-lib/str.h>
#include <lib-lib/macros.h>
+#include <lib-lib/file.h>
+
+#include <lib-ui/curses.h>
+#include <lib-ui/menu.h>
#include "mutt.h"
#include "mutt_socket.h"
-#include "mutt_curses.h"
-#include "mutt_menu.h"
#include "mutt_ssl.h"
#include "lib/rx.h"
gnutls_init (&data->state, GNUTLS_CLIENT);
/* set socket */
- gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr) conn->fd);
+ gnutls_transport_set_ptr (data->state, (gnutls_transport_ptr)(intptr_t)conn->fd);
/* disable TLS/SSL protocols as needed */
if (!option (OPTTLSV1) && !option (OPTSSLV3)) {
Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon],
l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec);
else
- strfcpy (s, _("[invalid date]"), len);
+ m_strcpy(s, len, _("[invalid date]"));
return (s);
}
time_t t;
const gnutls_datum *cert_list;
unsigned int cert_list_size = 0;
- gnutls_certificate_status certstat;
+ gnutls_certificate_status_t certstat;
char datestr[30];
gnutls_x509_crt cert;
gnutls_datum pemdata;
return 0;
}
- certstat = gnutls_certificate_verify_peers (state);
-
- if (certstat == GNUTLS_E_NO_CERTIFICATE_FOUND) {
- mutt_error (_("Unable to get certificate from peer"));
- mutt_sleep (2);
- return 0;
- }
- if (certstat < 0) {
- mutt_error (_("Certificate verification error (%s)"),
- gnutls_strerror (certstat));
- mutt_sleep (2);
- return 0;
+ if (gnutls_certificate_verify_peers2(state, &certstat) < 0) {
+ mutt_error (_("Certificate verification error (%s)"),
+ gnutls_strerror(certstat));
+ mutt_sleep (2);
+ return 0;
}
/* We only support X.509 certificates (not OpenPGP) at the moment */
menu->dialog[i] = p_new(char, SHORT_STRING);
row = 0;
- strfcpy (menu->dialog[row], _("This certificate belongs to:"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("This certificate belongs to:"));
row++;
buflen = sizeof (dn_common_name);
dn_province, dn_country);
row++;
- strfcpy (menu->dialog[row], _("This certificate was issued by:"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("This certificate was issued by:"));
row++;
buflen = sizeof (dn_common_name);
if (certerr_notyetvalid) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Server certificate is not yet valid"), SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Server certificate is not yet valid"));
}
if (certerr_expired) {
row++;
- strfcpy (menu->dialog[row], _("WARNING: Server certificate has expired"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Server certificate has expired"));
}
if (certerr_revoked) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Server certificate has been revoked"), SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Server certificate has been revoked"));
}
if (certerr_hostname) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Server hostname does not match certificate"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Server hostname does not match certificate"));
}
if (certerr_signernotca) {
row++;
- strfcpy (menu->dialog[row],
- _("WARNING: Signer of server certificate is not a CA"),
- SHORT_STRING);
+ m_strcpy(menu->dialog[row], SHORT_STRING,
+ _("WARNING: Signer of server certificate is not a CA"));
}
menu->title = _("TLS/SSL Certificate check");
projects / apps / madmutt.git / blobdiff