static void ssl_manager_list_view_insert_cert(GtkWidget *list_view,
GtkTreeIter *row_iter,
gchar *host,
gchar *port,
SSLCertificate *cert)
{
char *sig_status, *exp_date;
char buf[100];
time_t exp_time_t;
struct tm lt;
PangoWeight weight = PANGO_WEIGHT_NORMAL;
GtkTreeIter iter, *iterptr;
GtkListStore *list_store = GTK_LIST_STORE(gtk_tree_view_get_model
(GTK_TREE_VIEW(list_view)));
exp_time_t = gnutls_x509_crt_get_expiration_time(cert->x509_cert);
memset(buf, 0, sizeof(buf));
if (exp_time_t > 0) {
fast_strftime(buf, sizeof(buf)-1, prefs_common.date_format, localtime_r(&exp_time_t, <));
exp_date = (*buf) ? g_strdup(buf):g_strdup("?");
} else
exp_date = g_strdup("");
if (exp_time_t < time(NULL))
weight = PANGO_WEIGHT_BOLD;
sig_status = ssl_certificate_check_signer(cert, cert->status);
if (sig_status==NULL)
sig_status = g_strdup_printf(_("Correct%s"),exp_time_t < time(NULL)? _(" (expired)"): "");
else {
weight = PANGO_WEIGHT_BOLD;
if (exp_time_t < time(NULL))
sig_status = g_strconcat(sig_status,_(" (expired)"),NULL);
}
if (row_iter == NULL) {
/* append new */
gtk_list_store_append(list_store, &iter);
iterptr = &iter;
} else
iterptr = row_iter;
gtk_list_store_set(list_store, iterptr,
SSL_MANAGER_HOST, host,
SSL_MANAGER_PORT, port,
SSL_MANAGER_CERT, cert,
SSL_MANAGER_STATUS, sig_status,
SSL_MANAGER_EXPIRY, exp_date,
SSL_MANAGER_FONT_WEIGHT, weight,
-1);
g_free(sig_status);
g_free(exp_date);
}
static void date_format_entry_on_change(GtkEditable *editable,
GtkLabel *example)
{
time_t cur_time;
struct tm *cal_time;
gchar buffer[100];
gchar *text;
struct tm lt;
cur_time = time(NULL);
cal_time = localtime_r(&cur_time, <);
buffer[0] = 0;
text = gtk_editable_get_chars(editable, 0, -1);
if (text)
fast_strftime(buffer, sizeof buffer, text, cal_time);
gtk_label_set_text(example, buffer);
g_free(text);
}
gchar *sgpgme_sigstat_info_full(gpgme_ctx_t ctx, gpgme_verify_result_t status)
{
gint i = 0;
gchar *ret;
GString *siginfo;
gpgme_signature_t sig = NULL;
siginfo = g_string_sized_new(64);
if (status == NULL) {
g_string_append_printf(siginfo,
_("Error checking signature: no status\n"));
goto bail;
}
sig = status->signatures;
while (sig) {
char buf[100];
struct tm lt;
gpgme_user_id_t user = NULL;
gpgme_key_t key;
gpgme_error_t err;
const gchar *keytype, *keyid, *uid;
err = gpgme_get_key(ctx, sig->fpr, &key, 0);
if (err != GPG_ERR_NO_ERROR) {
key = NULL;
g_string_append_printf(siginfo,
_("Error checking signature: %s\n"),
gpgme_strerror(err));
goto bail;
}
if (key) {
user = key->uids;
keytype = gpgme_pubkey_algo_name(
key->subkeys->pubkey_algo);
keyid = key->subkeys->keyid;
uid = user->uid;
} else {
keytype = "?";
keyid = "?";
uid = "?";
}
memset(buf, 0, sizeof(buf));
fast_strftime(buf, sizeof(buf)-1, prefs_common_get_prefs()->date_format, localtime_r(&sig->timestamp, <));
g_string_append_printf(siginfo,
_("Signature made on %s using %s key ID %s\n"),
buf, keytype, keyid);
switch (gpg_err_code(sig->status)) {
case GPG_ERR_NO_ERROR:
g_string_append_printf(siginfo,
_("Good signature from uid \"%s\" (Validity: %s)\n"),
uid, get_validity_str(user?user->validity:GPGME_VALIDITY_UNKNOWN));
break;
case GPG_ERR_KEY_EXPIRED:
g_string_append_printf(siginfo,
_("Expired key uid \"%s\"\n"),
uid);
break;
case GPG_ERR_SIG_EXPIRED:
g_string_append_printf(siginfo,
_("Expired signature from uid \"%s\" (Validity: %s)\n"),
uid, get_validity_str(user?user->validity:GPGME_VALIDITY_UNKNOWN));
break;
case GPG_ERR_CERT_REVOKED:
g_string_append_printf(siginfo,
_("Revoked key uid \"%s\"\n"),
uid);
break;
case GPG_ERR_BAD_SIGNATURE:
g_string_append_printf(siginfo,
_("BAD signature from \"%s\"\n"),
uid);
break;
default:
break;
}
if (sig->status != GPG_ERR_BAD_SIGNATURE) {
gint j = 1;
user = user ? user->next : NULL;
while (user != NULL) {
g_string_append_printf(siginfo,
_(" uid \"%s\" (Validity: %s)\n"),
user->uid,
user->revoked==TRUE?_("Revoked"):get_validity_str(user->validity));
j++;
user = user->next;
}
g_string_append_printf(siginfo,_("Owner Trust: %s\n"),
get_owner_trust_str(key->owner_trust));
g_string_append(siginfo,
_("Primary key fingerprint:"));
const char* primary_fpr = NULL;
if (key && key->subkeys && key->subkeys->fpr)
primary_fpr = key->subkeys->fpr;
else
g_string_append(siginfo, " ?");
int idx; /* now pretty-print the fingerprint */
for (idx=0; primary_fpr && *primary_fpr!='\0'; idx++, primary_fpr++) {
if (idx%4==0)
g_string_append_c(siginfo, ' ');
if (idx%20==0)
g_string_append_c(siginfo, ' ');
g_string_append_c(siginfo, (gchar)*primary_fpr);
}
g_string_append_c(siginfo, '\n');
#ifdef HAVE_GPGME_PKA_TRUST
if (sig->pka_trust == 1 && sig->pka_address) {
g_string_append_printf(siginfo,
_("WARNING: Signer's address \"%s\" "
"does not match DNS entry\n"),
sig->pka_address);
}
else if (sig->pka_trust == 2 && sig->pka_address) {
g_string_append_printf(siginfo,
_("Verified signer's address is \"%s\"\n"),
sig->pka_address);
/* FIXME: Compare the address to the
* From: address. */
}
#endif /*HAVE_GPGME_PKA_TRUST*/
}
g_string_append(siginfo, "\n");
i++;
sig = sig->next;
}
bail:
ret = siginfo->str;
g_string_free(siginfo, FALSE);
return ret;
}
static void about_update_stats(void)
{
if (stats_text_buffer != NULL)
{
GtkTextIter start, end, iter;
gchar buf[1024];
gtk_text_buffer_get_start_iter(stats_text_buffer, &start);
gtk_text_buffer_get_end_iter(stats_text_buffer, &end);
gtk_text_buffer_delete(stats_text_buffer, &start, &end);
gtk_text_buffer_get_iter_at_offset(stats_text_buffer, &iter, 0);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter,
(_("Session statistics\n")), -1,
"underlined-list-title", NULL);
if (prefs_common.date_format) {
struct tm *lt;
gint len = 100;
gchar date[len];
lt = localtime(&session_stats.time_started);
fast_strftime(date, len, prefs_common.date_format, lt);
g_snprintf(buf, sizeof(buf), _("Started: %s\n"),
lt ? date : ctime(&session_stats.time_started));
} else
g_snprintf(buf, sizeof(buf), _("Started: %s\n"),
ctime(&session_stats.time_started));
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", NULL);
gtk_text_buffer_insert(stats_text_buffer, &iter, "\n", 1);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter,
(_("Incoming traffic\n")), -1,
"underlined-list-title", NULL);
g_snprintf(buf, sizeof(buf), _("Received messages: %d\n"),
session_stats.received);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", "bold", NULL);
gtk_text_buffer_insert(stats_text_buffer, &iter, "\n", 1);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter,
(_("Outgoing traffic\n")), -1,
"underlined-list-title", NULL);
g_snprintf(buf, sizeof(buf), _("New/redirected messages: %d\n"),
session_stats.sent);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", NULL);
g_snprintf(buf, sizeof(buf), _("Replied messages: %d\n"),
session_stats.replied);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", NULL);
g_snprintf(buf, sizeof(buf), _("Forwarded messages: %d\n"),
session_stats.forwarded);
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", NULL);
g_snprintf(buf, sizeof(buf), _("Total outgoing messages: %d\n"),
(session_stats.sent + session_stats.replied +
session_stats.forwarded));
gtk_text_buffer_insert_with_tags_by_name(stats_text_buffer, &iter, buf, -1,
"indented-list-item", "bold", NULL);
}
}
static GtkWidget *cert_presenter(SSLCertificate *cert)
{
GtkWidget *vbox = NULL;
GtkWidget *hbox = NULL;
GtkWidget *frame_owner = NULL;
GtkWidget *frame_signer = NULL;
GtkWidget *frame_status = NULL;
GtkTable *owner_table = NULL;
GtkTable *signer_table = NULL;
GtkTable *status_table = NULL;
GtkWidget *label = NULL;
char *issuer_commonname, *issuer_location, *issuer_organization;
char *subject_commonname, *subject_location, *subject_organization;
char *sig_status, *exp_date;
char *md5_fingerprint, *sha1_fingerprint, *fingerprint;
size_t n;
char buf[100];
unsigned char md[128];
char *tmp;
time_t exp_time_t;
struct tm lt;
/* issuer */
issuer_commonname = g_malloc(BUFFSIZE);
issuer_location = g_malloc(BUFFSIZE);
issuer_organization = g_malloc(BUFFSIZE);
subject_commonname = g_malloc(BUFFSIZE);
subject_location = g_malloc(BUFFSIZE);
subject_organization = g_malloc(BUFFSIZE);
n = BUFFSIZE;
if (gnutls_x509_crt_get_issuer_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COMMON_NAME, 0, 0, issuer_commonname, &n))
strncpy(issuer_commonname, _("<not in certificate>"), BUFFSIZE);
n = BUFFSIZE;
if (gnutls_x509_crt_get_issuer_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, issuer_location, &n)) {
if (gnutls_x509_crt_get_issuer_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, issuer_location, &n)) {
strncpy(issuer_location, _("<not in certificate>"), BUFFSIZE);
}
} else {
tmp = g_malloc(BUFFSIZE);
if (gnutls_x509_crt_get_issuer_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, tmp, &n) == 0) {
strncat(issuer_location, ", ", BUFFSIZE-strlen(issuer_location)-1);
strncat(issuer_location, tmp, BUFFSIZE-strlen(issuer_location)-1);
}
g_free(tmp);
}
n = BUFFSIZE;
if (gnutls_x509_crt_get_issuer_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_ORGANIZATION_NAME, 0, 0, issuer_organization, &n))
strncpy(issuer_organization, _("<not in certificate>"), BUFFSIZE);
n = BUFFSIZE;
if (gnutls_x509_crt_get_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COMMON_NAME, 0, 0, subject_commonname, &n))
strncpy(subject_commonname, _("<not in certificate>"), BUFFSIZE);
n = BUFFSIZE;
if (gnutls_x509_crt_get_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_LOCALITY_NAME, 0, 0, subject_location, &n)) {
if (gnutls_x509_crt_get_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, subject_location, &n)) {
strncpy(subject_location, _("<not in certificate>"), BUFFSIZE);
}
} else {
tmp = g_malloc(BUFFSIZE);
if (gnutls_x509_crt_get_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_COUNTRY_NAME, 0, 0, tmp, &n) == 0) {
strncat(subject_location, ", ", BUFFSIZE-strlen(subject_location)-1);
strncat(subject_location, tmp, BUFFSIZE-strlen(subject_location)-1);
}
g_free(tmp);
}
n = BUFFSIZE;
if (gnutls_x509_crt_get_dn_by_oid(cert->x509_cert,
GNUTLS_OID_X520_ORGANIZATION_NAME, 0, 0, subject_organization, &n))
strncpy(subject_organization, _("<not in certificate>"), BUFFSIZE);
exp_time_t = gnutls_x509_crt_get_expiration_time(cert->x509_cert);
memset(buf, 0, sizeof(buf));
if (exp_time_t > 0) {
fast_strftime(buf, sizeof(buf)-1, prefs_common.date_format, localtime_r(&exp_time_t, <));
exp_date = (*buf) ? g_strdup(buf):g_strdup("?");
} else
exp_date = g_strdup("");
/* fingerprint */
n = 128;
gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_MD5, md, &n);
md5_fingerprint = readable_fingerprint(md, (int)n);
n = 128;
gnutls_x509_crt_get_fingerprint(cert->x509_cert, GNUTLS_DIG_SHA1, md, &n);
sha1_fingerprint = readable_fingerprint(md, (int)n);
/* signature */
sig_status = ssl_certificate_check_signer(cert->x509_cert, cert->status);
if (sig_status==NULL)
sig_status = g_strdup(_("Correct"));
vbox = gtk_vbox_new(FALSE, 5);
hbox = gtk_hbox_new(FALSE, 5);
frame_owner = gtk_frame_new(_("Owner"));
frame_signer = gtk_frame_new(_("Signer"));
frame_status = gtk_frame_new(_("Status"));
owner_table = GTK_TABLE(gtk_table_new(3, 2, FALSE));
signer_table = GTK_TABLE(gtk_table_new(3, 2, FALSE));
status_table = GTK_TABLE(gtk_table_new(3, 2, FALSE));
label = gtk_label_new(_("Name: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(owner_table, label, 0, 1, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(subject_commonname);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(owner_table, label, 1, 2, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Organization: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(owner_table, label, 0, 1, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(subject_organization);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(owner_table, label, 1, 2, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Location: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(owner_table, label, 0, 1, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(subject_location);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(owner_table, label, 1, 2, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Name: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(signer_table, label, 0, 1, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(issuer_commonname);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(signer_table, label, 1, 2, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Organization: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(signer_table, label, 0, 1, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(issuer_organization);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(signer_table, label, 1, 2, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Location: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(signer_table, label, 0, 1, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(issuer_location);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(signer_table, label, 1, 2, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Fingerprint: \n"));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(status_table, label, 0, 1, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
fingerprint = g_strdup_printf("MD5: %s\nSHA1: %s",
md5_fingerprint, sha1_fingerprint);
label = gtk_label_new(fingerprint);
g_free(fingerprint);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(status_table, label, 1, 2, 0, 1, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Signature status: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(status_table, label, 0, 1, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(sig_status);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(status_table, label, 1, 2, 1, 2, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(_("Expires on: "));
gtk_misc_set_alignment (GTK_MISC (label), 1, 0.5);
gtk_table_attach(status_table, label, 0, 1, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
label = gtk_label_new(exp_date);
gtk_label_set_selectable(GTK_LABEL(label), TRUE);
gtk_misc_set_alignment (GTK_MISC (label), 0, 0.5);
gtk_table_attach(status_table, label, 1, 2, 2, 3, GTK_EXPAND|GTK_FILL, 0, 0, 0);
gtk_container_add(GTK_CONTAINER(frame_owner), GTK_WIDGET(owner_table));
gtk_container_add(GTK_CONTAINER(frame_signer), GTK_WIDGET(signer_table));
gtk_container_add(GTK_CONTAINER(frame_status), GTK_WIDGET(status_table));
gtk_box_pack_end(GTK_BOX(hbox), frame_signer, TRUE, TRUE, 0);
gtk_box_pack_end(GTK_BOX(hbox), frame_owner, TRUE, TRUE, 0);
gtk_box_pack_end(GTK_BOX(vbox), frame_status, TRUE, TRUE, 0);
gtk_box_pack_end(GTK_BOX(vbox), hbox, TRUE, TRUE, 0);
gtk_widget_show_all(vbox);
g_free(issuer_commonname);
g_free(issuer_location);
g_free(issuer_organization);
g_free(subject_commonname);
g_free(subject_location);
g_free(subject_organization);
g_free(md5_fingerprint);
g_free(sha1_fingerprint);
g_free(sig_status);
g_free(exp_date);
return vbox;
}
