static void ssl_manager_delete_cb(GtkWidget *widget, gpointer data) { SSLCertificate *cert; int val; GtkTreeIter sel; GtkTreeModel *model; if (!gtk_tree_selection_get_selected(gtk_tree_view_get_selection (GTK_TREE_VIEW(manager.certlist)), &model, &sel)) return; gtk_tree_model_get(model, &sel, SSL_MANAGER_CERT, &cert, -1); if (!cert) return; val = alertpanel_full(_("Delete certificate"), _("Do you really want to delete this certificate?"), GTK_STOCK_CANCEL, GTK_STOCK_DELETE, NULL, FALSE, NULL, ALERT_WARNING, G_ALERTDEFAULT); if (val != G_ALERTALTERNATE) return; ssl_certificate_delete_from_disk(cert); ssl_certificate_destroy(cert); gtk_list_store_remove(GTK_LIST_STORE(model), &sel); }
static void ssl_manager_delete_cb(GtkWidget *widget, gpointer data) { SSLCertificate *cert; GList *rowlist; int val; rowlist = GTK_CLIST(manager.certlist)->selection; if (!rowlist) return; cert = gtk_ctree_node_get_row_data (GTK_CTREE(manager.certlist), GTK_CTREE_NODE(rowlist->data)); if (!cert) return; val = alertpanel(_("Delete certificate"), _("Do you really want to delete this certificate?"), _("Yes"), _("+No"), NULL); if (val != G_ALERTDEFAULT) return; ssl_certificate_delete_from_disk(cert); ssl_certificate_destroy(cert); gtk_ctree_remove_node(GTK_CTREE(manager.certlist), GTK_CTREE_NODE(rowlist->data)); }
static void ssl_manager_delete_cb(GtkWidget *widget, gpointer data) { SSLCertificate *cert; int val; GtkTreeIter iter; GtkTreeModel *model; cert = gtkut_tree_view_get_selected_pointer( GTK_TREE_VIEW(manager.certlist), SSL_MANAGER_CERT, &model, NULL, &iter); if (!cert) return; val = alertpanel_full(_("Delete certificate"), _("Do you really want to delete this certificate?"), GTK_STOCK_CANCEL, GTK_STOCK_DELETE, NULL, ALERTFOCUS_FIRST, FALSE, NULL, ALERT_WARNING); if (val != G_ALERTALTERNATE) return; ssl_certificate_delete_from_disk(cert); ssl_certificate_destroy(cert); gtk_list_store_remove(GTK_LIST_STORE(model), &iter); }
static SSLCertificate *ssl_certificate_new_lookup(X509 *x509_cert, const char *host, int port, int lookup) { SSLCertificate *cert = g_new0(SSLCertificate, 1); if (host == NULL || x509_cert == NULL) { ssl_certificate_destroy(cert); return NULL; } cert->x509_cert = X509_dup(x509_cert); if (lookup) cert->host = get_fqdn(host, port); else cert->host = g_strdup(host); cert->port = port; return cert; }
int ssl_certificate_check(X509 *x509_cert, const char *host, int port, void *data) { SSLCertificate *current_cert = ssl_certificate_new(x509_cert, host, port); SSLCertificate *known_cert; if (current_cert == NULL) { eb_debug(DBG_CORE, "Buggy certificate !\n"); return FALSE; } eb_debug(DBG_CORE, "%s%d\n", host, port); known_cert = ssl_certificate_find(host, port); if (known_cert == NULL) { char *err_msg, *cur_cert_str, *sig_status; int result = 0; sig_status = ssl_certificate_check_signer(x509_cert); if (sig_status == NULL) { char buf[1024]; if (X509_NAME_get_text_by_NID(X509_get_subject_name (x509_cert), NID_commonName, buf, 100) >= 0) if (!strcmp(buf, current_cert->host)) { ssl_certificate_save(current_cert); ssl_certificate_destroy(current_cert); return TRUE; } } else g_free(sig_status); cur_cert_str = ssl_certificate_to_string(current_cert); err_msg = g_strdup_printf(_ ("The server <b>%s</b> presented an unknown SSL certificate:\n\n%s\n\n" "Do you want to continue connecting?"), current_cert->host, cur_cert_str); result = ay_connection_verify(err_msg, _("Unknown Certificate!"), data); g_free(cur_cert_str); g_free(err_msg); if (result) { ssl_certificate_save(current_cert); } ssl_certificate_destroy(current_cert); return result; } else if (!ssl_certificate_compare(current_cert, known_cert)) { char *err_msg, *known_cert_str, *cur_cert_str; int result = -1; known_cert_str = ssl_certificate_to_string(known_cert); cur_cert_str = ssl_certificate_to_string(current_cert); err_msg = g_strdup_printf(_ ("%s's SSL certificate changed!\nWe have saved this one:\n%s\n\nIt is now:\n%s\n\n" "This could mean the server answering is not the known one.\n" "Do you want to continue connecting ?"), current_cert->host, known_cert_str, cur_cert_str); g_free(cur_cert_str); g_free(known_cert_str); result = ay_connection_verify(err_msg, _("Changed Certificate!"), data); g_free(err_msg); if (result) { ssl_certificate_save(current_cert); } ssl_certificate_destroy(current_cert); return result; } ssl_certificate_destroy(current_cert); ssl_certificate_destroy(known_cert); return TRUE; }