X-Git-Url: http://git.madism.org/?p=apps%2Fmadmutt.git;a=blobdiff_plain;f=mutt_ssl_gnutls.c;h=61a2da8e66774b405b1bc7e95bd66882d1d4b8a7;hp=5bf6b5aee49d6fc1a55e1f6088a8c6df31fcdaa2;hb=170858b383d48f00f5539517d668a1c41aa80cb1;hpb=74a2265af51ce89bca845adc1d68f273c9933c13 diff --git a/mutt_ssl_gnutls.c b/mutt_ssl_gnutls.c index 5bf6b5a..61a2da8 100644 --- a/mutt_ssl_gnutls.c +++ b/mutt_ssl_gnutls.c @@ -12,21 +12,26 @@ # include "config.h" #endif +#ifdef USE_GNUTLS + #include #include #ifdef HAVE_GNUTLS_OPENSSL_H #include #endif +#include +#include +#include +#include + #include "mutt.h" #include "mutt_socket.h" #include "mutt_curses.h" #include "mutt_menu.h" #include "mutt_ssl.h" -#include "mutt_regex.h" -#include "lib/mem.h" -#include "lib/intl.h" +#include "lib/rx.h" typedef struct _tlssockdata { gnutls_session state; @@ -55,7 +60,7 @@ static int tls_init (void) err = gnutls_global_init (); if (err < 0) { - mutt_error ("gnutls_global_init: %s", gnutls_strerror (err)); + mutt_error (_("gnutls_global_init: %s"), gnutls_strerror (err)); mutt_sleep (2); return -1; } @@ -64,7 +69,7 @@ static int tls_init (void) return 0; } -int mutt_gnutls_socket_setup (CONNECTION * conn) +int mutt_ssl_socket_setup (CONNECTION * conn) { if (tls_init () < 0) return -1; @@ -83,14 +88,14 @@ static int tls_socket_read (CONNECTION * conn, char *buf, size_t len) int ret; if (!data) { - mutt_error ("Error: no TLS socket open"); + mutt_error (_("Error: no TLS socket open")); mutt_sleep (2); return -1; } ret = gnutls_record_recv (data->state, buf, len); if (gnutls_error_is_fatal (ret) == 1) { - mutt_error ("tls_socket_read (%s)", gnutls_strerror (ret)); + mutt_error (_("tls_socket_read (%s)"), gnutls_strerror (ret)); mutt_sleep (4); return -1; } 
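Review bot: In tls_socket_read, the only error branch visible after `gnutls_record_recv` is `gnutls_error_is_fatal (ret) == 1`, so a negative non-fatal code such as `GNUTLS_E_AGAIN` or `GNUTLS_E_INTERRUPTED` is not handled in these lines and falls through to whatever follows the hunk. If the remainder simply returns `ret`, callers get a negative count for a condition that should be retried; `do { ret = gnutls_record_recv (data->state, buf, len); } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);` would make the retry explicit. The tls_socket_write hunk has the same pattern around `gnutls_record_send`. Both function bodies continue outside their hunks, so this needs checking against the full file.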
@@ -103,14 +108,14 @@ static int tls_socket_write (CONNECTION * conn, const char *buf, size_t len) int ret; if (!data) { - mutt_error ("Error: no TLS socket open"); + mutt_error (_("Error: no TLS socket open")); mutt_sleep (2); return -1; } ret = gnutls_record_send (data->state, buf, len); if (gnutls_error_is_fatal (ret) == 1) { - mutt_error ("tls_socket_write (%s)", gnutls_strerror (ret)); + mutt_error (_("tls_socket_write (%s)"), gnutls_strerror (ret)); mutt_sleep (4); return -1; } @@ -130,7 +135,7 @@ static int tls_socket_open (CONNECTION * conn) return 0; } -int mutt_gnutls_starttls (CONNECTION * conn) +int mutt_ssl_starttls (CONNECTION * conn) { if (tls_init () < 0) return -1; @@ -154,12 +159,12 @@ static int tls_negotiate (CONNECTION * conn) tlssockdata *data; int err; - data = (tlssockdata *) safe_calloc (1, sizeof (tlssockdata)); + data = p_new(tlssockdata, 1); conn->sockdata = data; err = gnutls_certificate_allocate_credentials (&data->xcred); if (err < 0) { - FREE (&conn->sockdata); - mutt_error ("gnutls_certificate_allocate_credentials: %s", + p_delete(&conn->sockdata); + mutt_error (_("gnutls_certificate_allocate_credentials: %s"), gnutls_strerror (err)); mutt_sleep (2); return -1; @@ -224,11 +229,11 @@ static int tls_negotiate (CONNECTION * conn) } if (err < 0) { if (err == GNUTLS_E_FATAL_ALERT_RECEIVED) { - mutt_error ("gnutls_handshake: %s(%s)", gnutls_strerror (err), + mutt_error (_("gnutls_handshake: %s(%s)"), gnutls_strerror (err), gnutls_alert_get_name (gnutls_alert_get (data->state))); } else { - mutt_error ("gnutls_handshake: %s", gnutls_strerror (err)); + mutt_error (_("gnutls_handshake: %s"), gnutls_strerror (err)); } mutt_sleep (2); goto fail; @@ -255,7 +260,7 @@ static int tls_negotiate (CONNECTION * conn) fail: gnutls_certificate_free_credentials (data->xcred); gnutls_deinit (data->state); - FREE (&conn->sockdata); + p_delete(&conn->sockdata); return -1; } 
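Review bot: In tls_negotiate, `p_new(tlssockdata, 1)` replaces `safe_calloc (1, sizeof (tlssockdata))`, and the result is dereferenced in the next call (`&data->xcred`) with no NULL check. That is only safe if p_new zero-fills and aborts on allocation failure, as the replaced allocator's name suggests it did; p_new's definition is not part of this diff, so this should be confirmed. It matters because the `fail:` path in the later hunk hands `data->xcred` and `data->state` to the GnuTLS free functions. Once verified, a one-line comment at the allocation such as `/* p_new zero-fills and never returns NULL */` would record the assumption. The function body continues outside the hunk.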
@@ -268,7 +273,7 @@ static int tls_socket_close (CONNECTION * conn) gnutls_certificate_free_credentials (data->xcred); gnutls_deinit (data->state); - safe_free ((void **) &conn->sockdata); + p_delete(&conn->sockdata); } return raw_socket_close (conn); @@ -303,7 +308,7 @@ static int tls_compare_certificates (const gnutls_datum * peercert) return 0; b64_data.size = filestat.st_size + 1; - b64_data_data = (unsigned char *) safe_calloc (1, b64_data.size); + b64_data_data = p_new(unsigned char, b64_data.size); b64_data_data[b64_data.size - 1] = '\0'; b64_data.data = b64_data_data; @@ -318,12 +323,12 @@ static int tls_compare_certificates (const gnutls_datum * peercert) do { ret = gnutls_pem_base64_decode_alloc (NULL, &b64_data, &cert); if (ret != 0) { - FREE (&b64_data_data); + p_delete(&b64_data_data); return 0; } - ptr = (unsigned char *) strstr (b64_data.data, CERT_SEP) + 1; - ptr = (unsigned char *) strstr (ptr, CERT_SEP); + ptr = (unsigned char *) strstr ((char*) b64_data.data, CERT_SEP) + 1; + ptr = (unsigned char *) strstr ((char*) ptr, CERT_SEP); b64_data.size = b64_data.size - (ptr - b64_data.data); b64_data.data = ptr; @@ -332,7 +337,7 @@ static int tls_compare_certificates (const gnutls_datum * peercert) if (memcmp (cert.data, peercert->data, cert.size) == 0) { /* match found */ gnutls_free (cert.data); - FREE (&b64_data_data); + p_delete(&b64_data_data); return 1; } } @@ -341,7 +346,7 @@ static int tls_compare_certificates (const gnutls_datum * peercert) } while (ptr != NULL); /* no match found */ - FREE (&b64_data_data); + p_delete(&b64_data_data); return 0; } @@ -377,7 +382,7 @@ static char *tls_make_date (time_t t, char *s, size_t len) Weekdays[l->tm_wday], l->tm_mday, Months[l->tm_mon], l->tm_year + 1900, l->tm_hour, l->tm_min, l->tm_sec); else - strfcpy (s, _("[invalid date]"), len); + m_strcpy(s, len, _("[invalid date]")); return (s); } 
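Review bot: In tls_compare_certificates, `strstr ((char*) b64_data.data, CERT_SEP) + 1` adds one to the result before any NULL check, so if the separator is absent the following `strstr ((char*) ptr, CERT_SEP)` reads from an invalid address; the added casts keep that behaviour. It is probably unreachable as long as a successful `gnutls_pem_base64_decode_alloc` implies the marker is present, but CERT_SEP is defined outside this diff and the buffer is read from the certificate file on disk, so the code should not depend on that coupling. Test the first result before advancing: `ptr = (unsigned char *) strstr ((char*) b64_data.data, CERT_SEP);` then `if (ptr) ptr = (unsigned char *) strstr ((char*) ptr + 1, CERT_SEP);`, and update `b64_data.size` and `b64_data.data` only when `ptr` is non-NULL. The loop begins and ends outside the hunk.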
@@ -411,10 +416,10 @@ static int tls_check_stored_hostname (const gnutls_datum * cert, if (regexec (&preg, linestr, 3, pmatch, 0) == 0) { linestr[pmatch[1].rm_eo] = '\0'; linestr[pmatch[2].rm_eo] = '\0'; - if (strcmp (linestr + pmatch[1].rm_so, hostname) == 0 && - strcmp (linestr + pmatch[2].rm_so, buf) == 0) { + if (m_strcmp(linestr + pmatch[1].rm_so, hostname) == 0 && + m_strcmp(linestr + pmatch[2].rm_so, buf) == 0) { regfree (&preg); - safe_free ((void **) &linestr); + p_delete(&linestr); fclose (fp); return 1; } @@ -448,10 +453,9 @@ static int tls_check_certificate (CONNECTION * conn) MUTTMENU *menu; int done, row, i, ret; FILE *fp; - gnutls_x509_dn dn; time_t t; const gnutls_datum *cert_list; - int cert_list_size = 0; + unsigned int cert_list_size = 0; gnutls_certificate_status certstat; char datestr[30]; gnutls_x509_crt cert; @@ -485,7 +489,7 @@ static int tls_check_certificate (CONNECTION * conn) /* We only support X.509 certificates (not OpenPGP) at the moment */ if (gnutls_certificate_type_get (state) != GNUTLS_CRT_X509) { - mutt_error (_("Error certificate is not X.509")); + mutt_error (_("Certificate is not X.509")); mutt_sleep (2); return 0; } @@ -583,13 +587,13 @@ static int tls_check_certificate (CONNECTION * conn) /* interactive check from user */ menu = mutt_new_menu (); menu->max = 25; - menu->dialog = (char **) safe_calloc (1, menu->max * sizeof (char *)); + menu->dialog = p_new(char*, menu->max); for (i = 0; i < menu->max; i++) - menu->dialog[i] = (char *) safe_calloc (1, SHORT_STRING * sizeof (char)); + menu->dialog[i] = p_new(char, SHORT_STRING); row = 0; - strfcpy (menu->dialog[row], _("This certificate belongs to:"), - SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("This certificate belongs to:")); row++; buflen = sizeof (dn_common_name); 
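Review bot: In tls_check_certificate, `menu->dialog` is allocated with exactly `menu->max` (25) rows, but `row` is never compared to `menu->max` before the `m_strcpy(menu->dialog[row], SHORT_STRING, ...)` writes in this hunk or in the later "issued by" and WARNING hunks. The total number of rows depends on lines outside the hunks, so the headroom cannot be confirmed from the diff; the count is largest when all five certificate warnings are set. A guard such as `if (row < menu->max)` before each write, or a comment next to `menu->max = 25;` stating the maximum row count, would keep a future added line from writing through an out-of-range pointer.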
@@ -633,8 +637,8 @@ static int tls_check_certificate (CONNECTION * conn) dn_province, dn_country); row++; - strfcpy (menu->dialog[row], _("This certificate was issued by:"), - SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("This certificate was issued by:")); row++; buflen = sizeof (dn_common_name); @@ -700,30 +704,28 @@ static int tls_check_certificate (CONNECTION * conn) if (certerr_notyetvalid) { row++; - strfcpy (menu->dialog[row], - _("WARNING: Server certificate is not yet valid"), SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("WARNING: Server certificate is not yet valid")); } if (certerr_expired) { row++; - strfcpy (menu->dialog[row], _("WARNING: Server certificate has expired"), - SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("WARNING: Server certificate has expired")); } if (certerr_revoked) { row++; - strfcpy (menu->dialog[row], - _("WARNING: Server certificate has been revoked"), SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("WARNING: Server certificate has been revoked")); } if (certerr_hostname) { row++; - strfcpy (menu->dialog[row], - _("WARNING: Server hostname does not match certificate"), - SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("WARNING: Server hostname does not match certificate")); } if (certerr_signernotca) { row++; - strfcpy (menu->dialog[row], - _("WARNING: Signer of server certificate is not a CA"), - SHORT_STRING); + m_strcpy(menu->dialog[row], SHORT_STRING, + _("WARNING: Signer of server certificate is not a CA")); } menu->title = _("TLS/SSL Certificate check"); @@ -747,6 +749,7 @@ static int tls_check_certificate (CONNECTION * conn) menu->help = helpstr; done = 0; + set_option (OPTUNBUFFEREDINPUT); while (!done) { switch (mutt_menuLoop (menu)) { case -1: /* abort */ 
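Review bot: The `set_option (OPTUNBUFFEREDINPUT)` added before the accept/reject loop has no comment explaining why, and the matching `unset_option` in the final hunk clears the flag unconditionally. Presumably the intent is that queued or macro-generated keystrokes cannot answer the certificate prompt; if so, say it, e.g. `/* take the answer from live input only, not from buffered keys */`. The switch body lies between the two hunks and is not shown, so check that no `return` or other early exit inside it skips the `unset_option`. Consider saving the previous value and restoring it rather than always clearing.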
@@ -789,7 +792,10 @@ static int tls_check_certificate (CONNECTION * conn) break; } } + unset_option (OPTUNBUFFEREDINPUT); mutt_menuDestroy (&menu); gnutls_x509_crt_deinit (cert); return (done == 2); } + +#endif /* USE_GNUTLS */