Diffstat (limited to 'camel/camel-tcp-stream-ssl.c')
-rw-r--r-- | camel/camel-tcp-stream-ssl.c | 79 |
1 files changed, 30 insertions, 49 deletions
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 614b3c552e..f2491d48d4 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -89,7 +89,6 @@ struct _CamelTcpStreamSSLPrivate {
 CamelService *service;
 char *expected_host;
 gboolean ssl_mode;
- guint32 flags;
 };
 static void
@@ -161,7 +160,6 @@ camel_tcp_stream_ssl_get_type (void)
 * camel_tcp_stream_ssl_new:
 * @service: camel service
 * @expected_host: host that the stream is expected to connect with.
- * @flags: ENABLE_SSL2, ENABLE_SSL3 and/or ENABLE_TLS
 *
 * Since the SSL certificate authenticator may need to prompt the
 * user, a CamelService is needed. @expected_host is needed as a
@@ -170,7 +168,7 @@ camel_tcp_stream_ssl_get_type (void)
 * Return value: a ssl stream (in ssl mode)
 **/
 CamelStream *
-camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host, guint32 flags)
+camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host)
 {
 CamelTcpStreamSSL *stream;
@@ -179,7 +177,6 @@ camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host, guin
 stream->priv->service = service;
 stream->priv->expected_host = g_strdup (expected_host);
 stream->priv->ssl_mode = TRUE;
- stream->priv->flags = flags;
 return CAMEL_STREAM (stream);
 }
@@ -189,7 +186,6 @@ camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host, guin
 * camel_tcp_stream_ssl_new_raw:
 * @service: camel service
 * @expected_host: host that the stream is expected to connect with.
- * @flags: ENABLE_SSL2, ENABLE_SSL3 and/or ENABLE_TLS
 *
 * Since the SSL certificate authenticator may need to prompt the
 * user, a CamelService is needed. @expected_host is needed as a
@@ -198,7 +194,7 @@ camel_tcp_stream_ssl_new (CamelService *service, const char *expected_host, guin
 * Return value: a ssl-capable stream (in non ssl mode)
 **/
 CamelStream *
-camel_tcp_stream_ssl_new_raw (CamelService *service, const char *expected_host, guint32 flags)
+camel_tcp_stream_ssl_new_raw (CamelService *service, const char *expected_host)
 {
 CamelTcpStreamSSL *stream;
@@ -207,7 +203,6 @@ camel_tcp_stream_ssl_new_raw (CamelService *service, const char *expected_host,
 stream->priv->service = service;
 stream->priv->expected_host = g_strdup (expected_host);
 stream->priv->ssl_mode = FALSE;
- stream->priv->flags = flags;
 return CAMEL_STREAM (stream);
 }
@@ -633,34 +628,34 @@ camel_certdb_nss_cert_get(CamelCertDB *certdb, CERTCertificate *cert) int fd; ssize_t len; struct stat st; - - fingerprint = cert_fingerprint (cert); - ccert = camel_certdb_get_cert (certdb, fingerprint); + + fingerprint = cert_fingerprint(cert); + ccert = camel_certdb_get_cert(certdb, fingerprint); if (ccert == NULL) { - g_free (fingerprint); + g_free(fingerprint); return ccert; } - + if (ccert->rawcert == NULL) { - path = g_strdup_printf ("%s/.camel_certs/%s", getenv ("HOME"), fingerprint); - if (stat (path, &st) == -1 - || (fd = open (path, O_RDONLY)) == -1) { - g_warning ("could not load cert %s: %s", path, strerror (errno)); - g_free (fingerprint); - g_free (path); - camel_cert_set_trust (certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN); - camel_certdb_touch (certdb); - + path = g_strdup_printf("%s/.camel_certs/%s", getenv("HOME"), fingerprint); + if (stat(path, &st) == -1 + || (fd = open(path, O_RDONLY)) == -1) { + g_warning("could not load cert %s: %s", path, strerror(errno)); + g_free(fingerprint); + g_free(path); + camel_cert_set_trust(certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN); + camel_certdb_touch(certdb); + return ccert; } g_free(path); - ccert->rawcert = g_byte_array_new (); + ccert->rawcert = g_byte_array_new(); g_byte_array_set_size(ccert->rawcert, st.st_size); len = read(fd, ccert->rawcert->data, st.st_size); close(fd); if (len != st.st_size) { - g_warning ("cert size read truncated %s: %d != %ld", path, len, st.st_size); + g_warning("cert size read truncated %s: %d != %ld", path, len, st.st_size); g_byte_array_free(ccert->rawcert, TRUE); ccert->rawcert = NULL; g_free(fingerprint); 
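Review bot: In the truncated-read branch the re-added `g_warning("cert size read truncated %s: %d != %ld", path, len, st.st_size);` reads `path` after the context line `g_free(path);` above it has already released the string, which is a use-after-free on the path that loads certificate data from disk. Moving that `g_free(path);` to after the `if (len != st.st_size)` block, or dropping `path` from the message, removes it. The same call hands `len` and `st.st_size` to `%d` and `%ld`, which only match when ssize_t is int and off_t is long; `%ld` with `(long) len, (long) st.st_size` avoids the mismatch. Separately, `stat()` followed by `open()` sizes the buffer from a file that can change between the two calls, so `fstat(fd, &st)` after the open would be the safer source for the length. The function starts before and continues past this hunk.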
@@ -716,12 +711,11 @@ camel_certdb_nss_cert_set(CamelCertDB *certdb, CamelCert *ccert, CERTCertificate struct stat st; fingerprint = ccert->fingerprint; - + if (ccert->rawcert == NULL) - ccert->rawcert = g_byte_array_new (); - - g_byte_array_set_size (ccert->rawcert, cert->derCert.len); - memcpy (ccert->rawcert->data, cert->derCert.data, cert->derCert.len); + ccert->rawcert = g_byte_array_new(); + g_byte_array_set_size(ccert->rawcert, cert->derCert.len); + memcpy(ccert->rawcert->data, cert->derCert.data, cert->derCert.len); dir = g_strdup_printf ("%s/.camel_certs", getenv ("HOME")); if (stat (dir, &st) == -1 && mkdir (dir, 0700) == -1) { @@ -733,19 +727,19 @@ camel_certdb_nss_cert_set(CamelCertDB *certdb, CamelCert *ccert, CERTCertificate path = g_strdup_printf ("%s/%s", dir, fingerprint); g_free (dir); - stream = camel_stream_fs_new_with_name (path, O_WRONLY | O_CREAT | O_TRUNC, 0600); + stream = camel_stream_fs_new_with_name(path, O_WRONLY|O_CREAT|O_TRUNC, 0600); if (stream != NULL) { - if (camel_stream_write (stream, ccert->rawcert->data, ccert->rawcert->len) == -1) { - g_warning ("Could not save cert: %s: %s", path, strerror (errno)); - unlink (path); + if (camel_stream_write(stream, ccert->rawcert->data, ccert->rawcert->len) != ccert->rawcert->len) { + g_warning("Could not save cert: %s: %s", path, strerror(errno)); + unlink(path); } - camel_stream_close (stream); - camel_object_unref (stream); + camel_stream_close(stream); + camel_object_unref(stream); } else { - g_warning ("Could not save cert: %s: %s", path, strerror (errno)); + g_warning("Could not save cert: %s: %s", path, strerror(errno)); } - g_free (path); + g_free(path); } 
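Review bot: In the second hunk, the new `!= ccert->rawcert->len` test also fires on a short write, but the warning in that branch still prints `strerror(errno)`, and errno is only meaningful when camel_stream_write() returned -1, so the logged reason can be stale. The comparison also mixes what appears to be a signed return value with the unsigned `len`; keeping the result in a local, `ssize_t n = camel_stream_write(stream, ccert->rawcert->data, ccert->rawcert->len);`, and testing `n == -1 || (size_t) n != ccert->rawcert->len` makes both cases explicit and lets the message distinguish them. The result of `camel_stream_close(stream)` is ignored as well, so a failure reported only at close would leave an incomplete certificate file in the store without the `unlink(path)` cleanup. The function starts and ends outside the hunk.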
@@ -984,19 +978,6 @@ enable_ssl (CamelTcpStreamSSL *ssl, PRFileDesc *fd) return NULL; SSL_OptionSet (ssl_fd, SSL_SECURITY, PR_TRUE); - if (ssl->priv->flags & CAMEL_TCP_STREAM_SSL_ENABLE_SSL2) - SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL2, PR_TRUE); - else - SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL2, PR_FALSE); - if (ssl->priv->flags & CAMEL_TCP_STREAM_SSL_ENABLE_SSL3) - SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL3, PR_TRUE); - else - SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL3, PR_FALSE); - if (ssl->priv->flags & CAMEL_TCP_STREAM_SSL_ENABLE_TLS) - SSL_OptionSet (ssl_fd, SSL_ENABLE_TLS, PR_TRUE); - else - SSL_OptionSet (ssl_fd, SSL_ENABLE_TLS, PR_FALSE); - SSL_SetURL (ssl_fd, ssl->priv->expected_host); /*SSL_GetClientAuthDataHook (sslSocket, ssl_get_client_auth, (void *) certNickname);*/ |
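Review bot: With the three `SSL_OptionSet` branches removed, enable_ssl no longer states which protocol versions the socket may negotiate, so the outcome depends on the NSS library defaults, which this hunk does not show. If those defaults still permit SSL 2.0 on the NSS version in use, the stream inherits that; pinning the floor explicitly with `SSL_OptionSet (ssl_fd, SSL_ENABLE_SSL2, PR_FALSE);` keeps it independent of the library build. The return value of the remaining `SSL_OptionSet (ssl_fd, SSL_SECURITY, PR_TRUE);` call is also unchecked, so a failure to enable security on the descriptor would go unnoticed here. A short comment above that call saying that protocol selection is deliberately left to NSS defaults would record the intent. enable_ssl starts and ends outside the hunk.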