X-Git-Url: http://git.madism.org/?p=apps%2Fmadmutt.git;a=blobdiff_plain;f=lib-sys%2Fmutt_ssl_gnutls.c;h=d2663581e1e51bd96553a69dfd7611c8fcb7fcf7;hp=a6790485cb2c40d598d6bcf56589b7897044c532;hb=8fac066483c9ae3176984527c037190fca9dc7f0;hpb=ccf2b75a9ed50a79c4d8e5d6235c7313fcd3719a diff --git a/lib-sys/mutt_ssl_gnutls.c b/lib-sys/mutt_ssl_gnutls.c index a679048..d266358 100644 --- a/lib-sys/mutt_ssl_gnutls.c +++ b/lib-sys/mutt_ssl_gnutls.c @@ -8,11 +8,7 @@ * please see the file GPL in the top level source directory. */ -#if HAVE_CONFIG_H -# include "config.h" -#endif - -#ifdef USE_GNUTLS +#include #include #include @@ -20,18 +16,11 @@ #include #endif -#include -#include -#include -#include -#include - #include #include #include "mutt.h" #include "mutt_socket.h" -#include "mutt_ssl.h" typedef struct _tlssockdata { gnutls_session state; @@ -39,8 +28,8 @@ typedef struct _tlssockdata { } tlssockdata; /* local prototypes */ -static int tls_socket_read (CONNECTION * conn, char *buf, size_t len); -static int tls_socket_write (CONNECTION * conn, const char *buf, size_t len); +static int tls_socket_read (CONNECTION * conn, char *buf, ssize_t len); +static int tls_socket_write (CONNECTION * conn, const char *buf, ssize_t len); static int tls_socket_open (CONNECTION * conn); static int tls_socket_close (CONNECTION * conn); static int tls_starttls_close (CONNECTION * conn); @@ -82,7 +71,7 @@ int mutt_ssl_socket_setup (CONNECTION * conn) return 0; } -static int tls_socket_read (CONNECTION * conn, char *buf, size_t len) +static int tls_socket_read (CONNECTION * conn, char *buf, ssize_t len) { tlssockdata *data = conn->sockdata; int ret; @@ -102,7 +91,7 @@ static int tls_socket_read (CONNECTION * conn, char *buf, size_t len) return ret; } -static int tls_socket_write (CONNECTION * conn, const char *buf, size_t len) +static int tls_socket_write (CONNECTION * conn, const char *buf, ssize_t len) { tlssockdata *data = conn->sockdata; int ret; 
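Review bot: With `len` now signed in tls_socket_read and tls_socket_write, a negative length becomes representable and nothing in the visible lines rejects it. Both bodies continue outside their hunks; if they pass `len` on to a GnuTLS record call that takes a `size_t`, a negative value would be converted to a very large byte count. A guard at the top of each function, `if (len < 0) return -1;`, would stop a bad length before it reaches the library. The same applies to tls_make_date in a later hunk, whose `len` has the same new type and presumably bounds the write into `s`.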
@@ -318,7 +307,7 @@ static int tls_compare_certificates (const gnutls_datum * peercert) } b64_data.size = fread (b64_data.data, 1, b64_data.size, fd1); - fclose (fd1); + m_fclose(&fd1); do { ret = gnutls_pem_base64_decode_alloc (NULL, &b64_data, &cert); @@ -353,13 +342,13 @@ static int tls_compare_certificates (const gnutls_datum * peercert) static void tls_fingerprint (gnutls_digest_algorithm algo, char *s, int l, const gnutls_datum * data) { - unsigned char md[36]; - size_t n; + char md[36]; + ssize_t n; int j; n = 36; - if (gnutls_fingerprint (algo, data, (char *) md, &n) < 0) { + if (gnutls_fingerprint(algo, data, md, (size_t *)&n) < 0) { snprintf (s, l, _("[unable to calculate]")); } else { @@ -373,7 +362,7 @@ static void tls_fingerprint (gnutls_digest_algorithm algo, } } -static char *tls_make_date (time_t t, char *s, size_t len) +static char *tls_make_date (time_t t, char *s, ssize_t len) { struct tm *l = gmtime (&t); @@ -393,7 +382,7 @@ static int tls_check_stored_hostname (const gnutls_datum * cert, char buf[80]; FILE *fp; char *linestr = NULL; - size_t linestrsize; + ssize_t linestrsize; int linenum = 0; regex_t preg; regmatch_t pmatch[3]; @@ -420,7 +409,7 @@ static int tls_check_stored_hostname (const gnutls_datum * cert, m_strcmp(linestr + pmatch[2].rm_so, buf) == 0) { regfree (&preg); p_delete(&linestr); - fclose (fp); + m_fclose(&fp); return 1; } } @@ -428,7 +417,7 @@ static int tls_check_stored_hostname (const gnutls_datum * cert, } regfree (&preg); - fclose (fp); + m_fclose(&fp); } /* not found a matching name */ 
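Review bot: Changing `md` from `unsigned char` to plain `char` in tls_fingerprint can corrupt the fingerprint the user relies on to accept a certificate. Where `char` is signed, every digest byte of 0x80 or above becomes negative, and if the formatting loop below this hunk (not visible here) passes `md[j]` to a hex conversion, the value is sign-extended before printing. I would keep `unsigned char md[36];` and cast only at the call, as the old code did. The `(size_t *)&n` cast on an `ssize_t` also hides a type mismatch from the compiler; `size_t n = sizeof(md);` with a plain `&n` avoids it. The same cast is repeated on `buflen` throughout the tls_check_certificate hunks, where `size_t buflen;` would remove every one of them.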
@@ -439,17 +428,17 @@ static int tls_check_certificate (CONNECTION * conn) { tlssockdata *data = conn->sockdata; gnutls_session state = data->state; - char helpstr[SHORT_STRING]; - char buf[SHORT_STRING]; - char fpbuf[SHORT_STRING]; - size_t buflen; - char dn_common_name[SHORT_STRING]; - char dn_email[SHORT_STRING]; - char dn_organization[SHORT_STRING]; - char dn_organizational_unit[SHORT_STRING]; - char dn_locality[SHORT_STRING]; - char dn_province[SHORT_STRING]; - char dn_country[SHORT_STRING]; + char helpstr[STRING]; + char buf[STRING]; + char fpbuf[STRING]; + ssize_t buflen; + char dn_common_name[STRING]; + char dn_email[STRING]; + char dn_organization[STRING]; + char dn_organizational_unit[STRING]; + char dn_locality[STRING]; + char dn_province[STRING]; + char dn_country[STRING]; MUTTMENU *menu; int done, row, i, ret; FILE *fp; 
@@ -582,142 +571,142 @@ static int tls_check_certificate (CONNECTION * conn) menu->max = 25; menu->dialog = p_new(char*, menu->max); for (i = 0; i < menu->max; i++) - menu->dialog[i] = p_new(char, SHORT_STRING); + menu->dialog[i] = p_new(char, STRING); row = 0; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("This certificate belongs to:")); row++; buflen = sizeof (dn_common_name); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, - dn_common_name, &buflen) != 0) + dn_common_name, (size_t *)&buflen) != 0) dn_common_name[0] = '\0'; buflen = sizeof (dn_email); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_PKCS9_EMAIL, 0, 0, - dn_email, &buflen) != 0) + dn_email, (size_t *)&buflen) != 0) dn_email[0] = '\0'; buflen = sizeof (dn_organization); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_ORGANIZATION_NAME, 0, 0, dn_organization, - &buflen) != 0) + (size_t *)&buflen) != 0) dn_organization[0] = '\0'; buflen = sizeof (dn_organizational_unit); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME, 0, 0, - dn_organizational_unit, &buflen) != 0) + dn_organizational_unit, (size_t *)&buflen) != 0) dn_organizational_unit[0] = '\0'; buflen = sizeof (dn_locality); if (gnutls_x509_crt_get_dn_by_oid - (cert, GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, dn_locality, &buflen) != 0) + (cert, GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, dn_locality, (size_t *)&buflen) != 0) dn_locality[0] = '\0'; buflen = sizeof (dn_province); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME, 0, 0, dn_province, - &buflen) != 0) + (size_t *)&buflen) != 0) dn_province[0] = '\0'; buflen = sizeof (dn_country); if (gnutls_x509_crt_get_dn_by_oid (cert, GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, - dn_country, &buflen) != 0) + dn_country, (size_t *)&buflen) != 0) dn_country[0] = '\0'; - snprintf (menu->dialog[row++], SHORT_STRING, " %s %s", dn_common_name, + snprintf (menu->dialog[row++], STRING, 
" %s %s", dn_common_name, dn_email); - snprintf (menu->dialog[row++], SHORT_STRING, " %s", dn_organization); - snprintf (menu->dialog[row++], SHORT_STRING, " %s", + snprintf (menu->dialog[row++], STRING, " %s", dn_organization); + snprintf (menu->dialog[row++], STRING, " %s", dn_organizational_unit); - snprintf (menu->dialog[row++], SHORT_STRING, " %s %s %s", dn_locality, + snprintf (menu->dialog[row++], STRING, " %s %s %s", dn_locality, dn_province, dn_country); row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("This certificate was issued by:")); row++; buflen = sizeof (dn_common_name); if (gnutls_x509_crt_get_issuer_dn_by_oid - (cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, dn_common_name, &buflen) != 0) + (cert, GNUTLS_OID_X520_COMMON_NAME, 0, 0, dn_common_name, (size_t *)&buflen) != 0) dn_common_name[0] = '\0'; buflen = sizeof (dn_email); if (gnutls_x509_crt_get_issuer_dn_by_oid - (cert, GNUTLS_OID_PKCS9_EMAIL, 0, 0, dn_email, &buflen) != 0) + (cert, GNUTLS_OID_PKCS9_EMAIL, 0, 0, dn_email, (size_t *)&buflen) != 0) dn_email[0] = '\0'; buflen = sizeof (dn_organization); if (gnutls_x509_crt_get_issuer_dn_by_oid (cert, GNUTLS_OID_X520_ORGANIZATION_NAME, 0, 0, dn_organization, - &buflen) != 0) + (size_t *)&buflen) != 0) dn_organization[0] = '\0'; buflen = sizeof (dn_organizational_unit); if (gnutls_x509_crt_get_issuer_dn_by_oid (cert, GNUTLS_OID_X520_ORGANIZATIONAL_UNIT_NAME, 0, 0, - dn_organizational_unit, &buflen) != 0) + dn_organizational_unit, (size_t *)&buflen) != 0) dn_organizational_unit[0] = '\0'; buflen = sizeof (dn_locality); if (gnutls_x509_crt_get_issuer_dn_by_oid - (cert, GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, dn_locality, &buflen) != 0) + (cert, GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, dn_locality, (size_t *)&buflen) != 0) dn_locality[0] = '\0'; buflen = sizeof (dn_province); if (gnutls_x509_crt_get_issuer_dn_by_oid (cert, GNUTLS_OID_X520_STATE_OR_PROVINCE_NAME, 0, 0, dn_province, - &buflen) != 0) + (size_t *)&buflen) != 
0) dn_province[0] = '\0'; buflen = sizeof (dn_country); if (gnutls_x509_crt_get_issuer_dn_by_oid - (cert, GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, dn_country, &buflen) != 0) + (cert, GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, dn_country, (size_t *)&buflen) != 0) dn_country[0] = '\0'; - snprintf (menu->dialog[row++], SHORT_STRING, " %s %s", dn_common_name, + snprintf (menu->dialog[row++], STRING, " %s %s", dn_common_name, dn_email); - snprintf (menu->dialog[row++], SHORT_STRING, " %s", dn_organization); - snprintf (menu->dialog[row++], SHORT_STRING, " %s", + snprintf (menu->dialog[row++], STRING, " %s", dn_organization); + snprintf (menu->dialog[row++], STRING, " %s", dn_organizational_unit); - snprintf (menu->dialog[row++], SHORT_STRING, " %s %s %s", dn_locality, + snprintf (menu->dialog[row++], STRING, " %s %s %s", dn_locality, dn_province, dn_country); row++; - snprintf (menu->dialog[row++], SHORT_STRING, + snprintf (menu->dialog[row++], STRING, _("This certificate is valid")); t = gnutls_x509_crt_get_activation_time (cert); - snprintf (menu->dialog[row++], SHORT_STRING, _(" from %s"), + snprintf (menu->dialog[row++], STRING, _(" from %s"), tls_make_date (t, datestr, 30)); t = gnutls_x509_crt_get_expiration_time (cert); - snprintf (menu->dialog[row++], SHORT_STRING, _(" to %s"), + snprintf (menu->dialog[row++], STRING, _(" to %s"), tls_make_date (t, datestr, 30)); fpbuf[0] = '\0'; tls_fingerprint (GNUTLS_DIG_SHA, fpbuf, sizeof (fpbuf), &cert_list[0]); - snprintf (menu->dialog[row++], SHORT_STRING, _("SHA1 Fingerprint: %s"), + snprintf (menu->dialog[row++], STRING, _("SHA1 Fingerprint: %s"), fpbuf); fpbuf[0] = '\0'; tls_fingerprint (GNUTLS_DIG_MD5, fpbuf, sizeof (fpbuf), &cert_list[0]); - snprintf (menu->dialog[row++], SHORT_STRING, _("MD5 Fingerprint: %s"), + snprintf (menu->dialog[row++], STRING, _("MD5 Fingerprint: %s"), fpbuf); if (certerr_notyetvalid) { row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("WARNING: Server certificate 
is not yet valid")); } if (certerr_expired) { row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("WARNING: Server certificate has expired")); } if (certerr_revoked) { row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("WARNING: Server certificate has been revoked")); } if (certerr_hostname) { row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("WARNING: Server hostname does not match certificate")); } if (certerr_signernotca) { row++; - m_strcpy(menu->dialog[row], SHORT_STRING, + m_strcpy(menu->dialog[row], STRING, _("WARNING: Signer of server certificate is not a CA")); } @@ -769,7 +758,7 @@ static int tls_check_certificate (CONNECTION * conn) gnutls_free (pemdata.data); } } - fclose (fp); + m_fclose(&fp); } if (!done) { mutt_error (_("Warning: Couldn't save certificate")); @@ -790,5 +779,3 @@ static int tls_check_certificate (CONNECTION * conn) gnutls_x509_crt_deinit (cert); return (done == 2); } - -#endif /* USE_GNUTLS */
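Review bot: The result of `m_fclose(&fp)` is discarded in the certificate-save path of tls_check_certificate, just before the `if (!done)` check. The stream appears to have been written to earlier in the function (outside this hunk), so buffered data may only reach the disk at close. A failure there would leave `done` set, and the "Couldn't save certificate" warning would never be shown. Assuming m_fclose returns the fclose status (its definition is not visible here), `if (m_fclose(&fp) != 0) done = 0;` would route that failure into the existing warning.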