From a8d64a7a84ace27e2a92cf571ee11a138ab37a0e Mon Sep 17 00:00:00 2001
From: hiro <hiro@ee746299-78ed-0310-b773-934348b2243d>
Date: Tue, 12 Dec 2006 10:02:57 +0000
Subject: implemented SSL certificate dialog.

git-svn-id: svn://sylpheed.sraoss.jp/sylpheed/trunk@1415 ee746299-78ed-0310-b773-934348b2243d
---
 src/Makefile.am  |   1 +
 src/main.c       |   4 ++
 src/sslmanager.c | 159 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/sslmanager.h |  40 ++++++++++++++
 4 files changed, 204 insertions(+)
 create mode 100644 src/sslmanager.c
 create mode 100644 src/sslmanager.h

(limited to 'src')

diff --git a/src/Makefile.am b/src/Makefile.am
index 5c9f4222..df0c26e9 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -83,6 +83,7 @@ sylpheed_SOURCES = \
 	eggtrayicon.c eggtrayicon.h \
 	trayicon.c trayicon.h \
 	printing.c printing.h \
+	sslmanager.c sslmanager.h \
 	quote_fmt_lex.l quote_fmt_lex.h \
 	quote_fmt_parse.y quote_fmt.h \
 	sylpheed-marshal.c sylpheed-marshal.h
diff --git a/src/main.c b/src/main.c
index b6c54ec8..54f2c318 100644
--- a/src/main.c
+++ b/src/main.c
@@ -86,6 +86,7 @@
 #endif
 #if USE_SSL
 #  include "ssl.h"
+#  include "sslmanager.h"
 #endif
 
 #ifdef G_OS_WIN32
@@ -208,6 +209,9 @@ int main(int argc, char *argv[])
 	set_ui_update_func(gtkut_events_flush);
 	set_progress_func(main_window_progress_show);
 	set_input_query_password_func(input_dialog_query_password);
+#if USE_SSL
+	ssl_set_verify_func(ssl_manager_verify_cert);
+#endif
 
 	CHDIR_EXIT_IF_FAIL(get_home_dir(), 1);
 
diff --git a/src/sslmanager.c b/src/sslmanager.c
new file mode 100644
index 00000000..5e01bbb9
--- /dev/null
+++ b/src/sslmanager.c
@@ -0,0 +1,159 @@
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2006 Hiroyuki Yamamoto
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifdef HAVE_CONFIG_H
+#  include "config.h"
+#endif
+
+#if USE_SSL
+
+#include "defs.h"
+
+#include <glib.h>
+#include <glib/gi18n.h>
+#include <gtk/gtkdialog.h>
+#include <gtk/gtkhbox.h>
+#include <gtk/gtkvbox.h>
+#include <gtk/gtkstock.h>
+#include <gtk/gtkimage.h>
+#include <gtk/gtklabel.h>
+
+#include "ssl.h"
+#include "sslmanager.h"
+#include "manage_window.h"
+
+gint ssl_manager_verify_cert(SockInfo *sockinfo, const gchar *hostname,
+			     X509 *server_cert, glong verify_result)
+{
+	static PangoFontDescription *font_desc;
+	GtkWidget *dialog;
+	GtkWidget *hbox;
+	GtkWidget *image;
+	GtkWidget *vbox;
+	GtkWidget *label;
+	const gchar *title;
+	gchar *message;
+	gchar *subject, *issuer;
+	gint result;
+
+	if (verify_result == X509_V_OK)
+		return 0;
+
+	title = _("SSL certificate verify failed");
+
+	subject = X509_NAME_oneline(X509_get_subject_name(server_cert),
+				    NULL, 0);
+	issuer = X509_NAME_oneline(X509_get_issuer_name(server_cert), NULL, 0);
+	message = g_strdup_printf
+		(_("The SSL certificate of %s cannot be verified by the following reason:\n"
+		   "  %s\n\n"
+		   "Server certificate:\n"
+		   "  Subject: %s\n"
+		   "  Issuer: %s\n\n"
+		   "Do you accept this certificate?"),
+		 hostname, X509_verify_cert_error_string(verify_result),
+		 subject ? subject : "(unknown)",
+		 issuer ? issuer : "(unknown)");
+	g_free(issuer);
+	g_free(subject);
+
+	dialog = gtk_dialog_new();
+	gtk_window_set_title(GTK_WINDOW(dialog), title);
+	gtk_window_set_policy(GTK_WINDOW(dialog), FALSE, FALSE, FALSE);
+	gtk_window_set_position(GTK_WINDOW(dialog),
+				GTK_WIN_POS_CENTER_ON_PARENT);
+	gtk_window_set_modal(GTK_WINDOW(dialog), TRUE);
+	manage_window_set_transient(GTK_WINDOW(dialog));
+	gtk_dialog_set_has_separator(GTK_DIALOG(dialog), FALSE);
+	gtk_widget_realize(dialog);
+
+	hbox = gtk_hbox_new(FALSE, 12);
+	gtk_container_set_border_width(GTK_CONTAINER(hbox), 12);
+	gtk_box_pack_start(GTK_BOX(GTK_DIALOG(dialog)->vbox),
+			   hbox, FALSE, FALSE, 0);
+
+	image = gtk_image_new_from_stock
+		(GTK_STOCK_DIALOG_WARNING, GTK_ICON_SIZE_DIALOG);
+
+	gtk_misc_set_alignment(GTK_MISC(image), 0.5, 0.0);
+	gtk_box_pack_start(GTK_BOX(hbox), image, FALSE, FALSE, 0);
+
+	vbox = gtk_vbox_new(FALSE, 12);
+	gtk_box_pack_start(GTK_BOX(hbox), vbox, TRUE, TRUE, 0);
+
+	label = gtk_label_new(title);
+	gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
+	gtk_misc_set_alignment(GTK_MISC(label), 0.0, 0.0);
+	gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+
+	if (!font_desc) {
+		gint size;
+
+		size = pango_font_description_get_size
+			(label->style->font_desc);
+		font_desc = pango_font_description_new();
+		pango_font_description_set_weight
+			(font_desc, PANGO_WEIGHT_BOLD);
+		pango_font_description_set_size
+			(font_desc, size * PANGO_SCALE_LARGE);
+	}
+	if (font_desc)
+		gtk_widget_modify_font(label, font_desc);
+
+	label = gtk_label_new(message);
+	g_free(message);
+	gtk_box_pack_start(GTK_BOX(vbox), label, TRUE, TRUE, 0);
+	gtk_misc_set_alignment(GTK_MISC(label), 0.0, 0.0);
+	gtk_label_set_line_wrap(GTK_LABEL(label), TRUE);
+	gtk_label_set_selectable(GTK_LABEL(label), TRUE);
+	GTK_WIDGET_UNSET_FLAGS(label, GTK_CAN_FOCUS);
+#ifdef G_OS_WIN32
+	{
+		GtkStyle *style;
+		style = gtk_widget_get_style(dialog);
+		gtk_widget_modify_base(label, GTK_STATE_ACTIVE,
+				       &style->base[GTK_STATE_SELECTED]);
+		gtk_widget_modify_text(label, GTK_STATE_ACTIVE,
+				       &style->text[GTK_STATE_SELECTED]);
+	}
+#endif
+
+	gtk_dialog_add_buttons(GTK_DIALOG(dialog),
+			       GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL,
+			       GTK_STOCK_OK, GTK_RESPONSE_OK,
+			       NULL);
+	gtk_dialog_set_default_response(GTK_DIALOG(dialog), GTK_RESPONSE_OK);
+
+	gtk_widget_show_all(dialog);
+
+	result = gtk_dialog_run(GTK_DIALOG(dialog));
+	gtk_widget_destroy(dialog);
+
+	switch (result) {
+	case GTK_RESPONSE_OK:
+		return 1;
+	case GTK_RESPONSE_CANCEL:
+	default:
+		break;
+	}
+
+	return -1;
+}
+
+#endif /* USE_SSL */
diff --git a/src/sslmanager.h b/src/sslmanager.h
new file mode 100644
index 00000000..92b9b0da
--- /dev/null
+++ b/src/sslmanager.h
@@ -0,0 +1,40 @@
+/*
+ * Sylpheed -- a GTK+ based, lightweight, and fast e-mail client
+ * Copyright (C) 1999-2006 Hiroyuki Yamamoto
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifndef __SSLMANAGER_H__
+#define __SSLMANAGER_H__
+
+#ifdef HAVE_CONFIG_H
+#  include "config.h"
+#endif
+
+#if USE_SSL
+
+#include <glib.h>
+
+#include "ssl.h"
+
+gint ssl_manager_verify_cert	(SockInfo	*sockinfo,
+				 const gchar	*hostname,
+				 X509		*server_cert,
+				 glong		 verify_result);
+
+#endif /* USE_SSL */
+
+#endif /* __MAIN_H__ */
-- 
cgit v1.2.3