authorEduardo Chappa <chappa@washington.edu>2015-09-09 19:01:12 -0600
committerEduardo Chappa <chappa@washington.edu>2015-09-09 19:01:12 -0600
commit6bcba429b8feb23fa3de2ee8d77bfa80785676ed (patch)
tree8d4b15160beb2ee15b5bb3719f1b58b7e297790d
parent8cc4a2fc0e42e07a61d51bffd882d9251332a5ed (diff)
downloadalpine-6bcba429b8feb23fa3de2ee8d77bfa80785676ed.tar.xz
* SMIME: Offer the common name of the person, instead of the name of the
file containing the certificate, as the name to be displayed in the certificate management screen for certificate authorities. Suggested by Matthias Rieber.
-rw-r--r--alpine/smime.c14
-rw-r--r--pith/conftype.h3
-rw-r--r--pith/pine.hlp7
-rw-r--r--pith/smime.c9
-rw-r--r--pith/smkeys.c21
-rw-r--r--pith/smkeys.h2
6 files changed, 44 insertions, 12 deletions
diff --git a/alpine/smime.c b/alpine/smime.c
index 9a3b109d..5e2ae752 100644
--- a/alpine/smime.c
+++ b/alpine/smime.c
@@ -383,7 +383,7 @@ output_cert_info(X509 *cert, gf_io_t pc)
gf_puts(NEWLINE, spc);
}
else{
- gf_puts_uline("Subject (whose certificate it is)", spc);
+ gf_puts_uline("Certificate Owner", spc);
gf_puts(NEWLINE, spc);
output_X509_NAME(cert->cert_info->subject, spc);
@@ -1387,21 +1387,22 @@ void smime_manage_certs_init(struct pine *ps, CONF_S **ctmp, CONF_S **first_line
e = strlen(cl->name);
if(ctype != Private && SMHOLDERTYPE(ctype) == Directory)
- e -= 4; /* remove extension length FIX FIX FIX */
+ e -= 4; /* remove extension length */
+ e = MIN(e, ps->ttyo->screen_cols/3); /* do not use too much screen */
nf = 5; /* there are 5 fields */
s = 3; /* status has fixed size */
df = dt = 10; /* date from and date to have fixed size */
md5 = ps->ttyo->screen_cols - s - df - dt - e - (nf - 1);
- memset(u, '\0', sizeof(u));
t = u;
smime_setup_size(&t, sizeof(u), s);
smime_setup_size(&t, sizeof(u) - strlen(t), e);
smime_setup_size(&t, sizeof(u) - strlen(t), df);
- *t++ = ' '; /* leave an extra space between dates */
+ *t++ = ' '; /* leave an extra space between dates */
smime_setup_size(&t, sizeof(u) - strlen(t), dt);
- *t++ = ' '; /* and another space between date and md5 sum */
+ *t++ = ' '; /* and another space between date and md5 sum */
smime_setup_size(&t, sizeof(u) - strlen(t), md5);
+ *t = '\0'; /* tie off */
for(cl = data, i = 0; cl; cl = cl->next)
if(cl->name){
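Review bot: With the `memset(u, '\0', sizeof(u))` removed, the `strlen(t)` calls that follow each `*t++ = ' '` read bytes of `u` that no visible line has written, so the size passed to `smime_setup_size` is indeterminate and the scan can run past the end of `u`. This holds unless `u` is initialised at its declaration or `smime_setup_size` writes beyond its own terminator, and neither is visible in this hunk. Computing the remaining room from the pointer avoids the dependency, for example `smime_setup_size(&t, sizeof(u) - (size_t)(t - u), dt);`, applied to all four calls after the first. Separately, `md5` is computed as `screen_cols - s - df - dt - e - (nf - 1)` with no lower bound, so a narrow terminal can make it zero or negative before it is used as a field width.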
@@ -1422,7 +1423,8 @@ void smime_manage_certs_init(struct pine *ps, CONF_S **ctmp, CONF_S **first_line
(*ctmp)->d.s.address[sizeof((*ctmp)->d.s.address) - 1] = '\0';
snprintf(tmp, sizeof(tmp), u,
(*ctmp)->d.s.deleted ? "D" : " ",
- cl->name, DATEFROMCERT(cl), DATETOCERT(cl), MD5CERT(cl));
+ ctype == CACert ? cl->cn : cl->name,
+ DATEFROMCERT(cl), DATETOCERT(cl), MD5CERT(cl));
if(ctype != Private && SMHOLDERTYPE(ctype) == Directory)
cl->name[strlen(cl->name)] = '.';
(*ctmp)->value = cpystr(tmp);
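Review bot: `cl->cn` reaches the `%s` conversion without a NULL check when `ctype == CACert`. Other hunks in this commit assign `cn` only inside the `cert_info` branches and test `cl->cn != NULL` before copying it, so an entry without a common name looks possible. Falling back to the file name keeps the row printable: `ctype == CACert && cl->cn ? cl->cn : cl->name,`. The column width `e` in the previous hunk is still derived from `strlen(cl->name)`, so whether a longer CN is truncated or pushes the date columns depends on the format `smime_setup_size` builds, which is not visible here.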
diff --git a/pith/conftype.h b/pith/conftype.h
index 8c89fa28..b7ec5eb0 100644
--- a/pith/conftype.h
+++ b/pith/conftype.h
@@ -683,7 +683,8 @@ typedef struct certdata {
} CertData;
typedef struct certlist {
- char *name;
+ char *name; /* file name */
+ char *cn; /* CN field from certificate */
void *x509_cert; /* this is type (X509 *) */
CertData data;
struct certlist *next;
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 21a18299..cac10d74 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 101 2015-09-08 19:54:50
+Alpine Commit 102 2015-09-09 19:01:06
============= h_news =================
<HTML>
<HEAD>
@@ -199,6 +199,11 @@ Additions include:
<LI> SMIME: Certificate information in the S/MIME screen is available
for certificates stored in a cotainer.
+ <LI> SMIME: Offer the common name of the person, instead of the name of
+ file containing the certificate, as the name to be displayed in the
+ certificate management screen for certificate authorities.
+ Suggested by Matthias Rieber.
+
<LI> HTML: Add support for decoding entities in hexadecimal notation.
Suggested by Tulip&aacute;nt Gergely.
diff --git a/pith/smime.c b/pith/smime.c
index dd5745f9..c8c350be 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -918,10 +918,11 @@ certlist_from_personal_certs(PERSONAL_CERT *pc)
x = get_cert_for(pc->name, Public);
if(x){
if(x->cert_info){
- cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
- cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
- get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
- cl->data.md5 = cpystr(buf);
+ cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
+ cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
+ get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
+ cl->data.md5 = cpystr(buf);
+ cl->cn = smime_get_cn(x->cert_info->subject);
}
X509_free(x);
}
diff --git a/pith/smkeys.c b/pith/smkeys.c
index 73e3cdbe..c6feb567 100644
--- a/pith/smkeys.c
+++ b/pith/smkeys.c
@@ -141,6 +141,8 @@ setup_certs_backup_by_type(WhichCerts ctype)
cert->data.date_to = cpystr(cl->data.date_to);
if(cl->data.md5 != NULL)
cert->data.md5 = cpystr(cl->data.md5);
+ if(cl->cn != NULL)
+ cert->cn = cpystr(cl->cn);
snprintf(buf2, len, "%s.%s", cl->name, cl->data.md5);
buf2[sizeof(buf2)-1] = '\0';
cert->name = cpystr(buf2);
@@ -197,6 +199,8 @@ setup_certs_backup_by_type(WhichCerts ctype)
if((in = BIO_new_file(buf2, "r"))!=0){
x = PEM_read_bio_X509(in, NULL, NULL, NULL);
if(x && x->cert_info){ /* for now copy this information */
+ X509_NAME_ENTRY *e;
+
cert = fs_get(sizeof(CertList));
memset((void *)cert, 0, sizeof(CertList));
cert->x509_cert = x;
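Review bot: The added `X509_NAME_ENTRY *e;` is not used by any visible line of this block. The common name is obtained through `smime_get_cn()` in the next hunk, so the declaration only produces an unused-variable warning and can be dropped. The enclosing block continues past the end of the hunk, so this is worth confirming against the full function.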
@@ -205,6 +209,7 @@ setup_certs_backup_by_type(WhichCerts ctype)
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
cert->name = cpystr(df->d_name);
+ cert->cn = smime_get_cn(x->cert_info->subject);
/* we will use the cert->data.md5 variable to find a backup
certificate, not the name */
if(data == NULL)
@@ -245,6 +250,17 @@ setup_certs_backup_by_type(WhichCerts ctype)
return rv;
}
+char *
+smime_get_cn(X509_NAME *subject)
+{
+ char buf[256];
+ X509_NAME_ENTRY *e;
+ e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-2);
+ if(e)
+ X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf));
+ return cpystr(buf);
+}
+
int
compare_certs_by_name(const void *data1, const void *data2)
{
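Review bot: In `smime_get_cn`, `cpystr(buf)` runs even when nothing was written to `buf`. If `X509_NAME_get_entry` returns NULL, which happens for a subject with fewer than two entries because the index is then negative, the function duplicates uninitialised stack bytes and they end up on the certificate management screen. The index `X509_NAME_entry_count(subject)-2` also assumes the common name is the second-to-last entry; that fits subjects ending in an e-mail address but not ones that end with the CN, so looking the attribute up by `NID_commonName` is more robust. A NULL `subject` is not checked either. Because the value is certificate-supplied text that is later displayed, the display path may also want to filter non-printable bytes.

```c
char *
smime_get_cn(X509_NAME *subject)
{
  char buf[256];

  buf[0] = '\0';		/* empty string when no CN can be read */
  if(subject != NULL
     && X509_NAME_get_text_by_NID(subject, NID_commonName, buf, sizeof(buf)) < 0)
    buf[0] = '\0';
  return cpystr(buf);
}
```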
@@ -456,6 +472,7 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
+ cert->cn = smime_get_cn(x->cert_info->subject);
X509_free(x);
}
BIO_free(in);
@@ -1271,6 +1288,7 @@ add_to_end_of_certlist(CertList **cl, char *name, X509 *cert)
new->data.date_to = smime_get_date(cert->cert_info->validity->notAfter);
get_fingerprint(cert, EVP_md5(), buf, sizeof(buf), NULL);
new->data.md5 = cpystr(buf);
+ new->cn = smime_get_cn(cert->cert_info->subject);
}
if(!*cl){
@@ -1301,6 +1319,9 @@ free_certlist(CertList **cl)
if((*cl)->name)
fs_give((void **) &(*cl)->name);
+ if((*cl)->cn)
+ fs_give((void **) &(*cl)->cn);
+
if((*cl)->x509_cert)
X509_free((X509 *) (*cl)->x509_cert);
diff --git a/pith/smkeys.h b/pith/smkeys.h
index 37a92a90..e7dbe396 100644
--- a/pith/smkeys.h
+++ b/pith/smkeys.h
@@ -66,6 +66,8 @@ int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X50
char *smime_get_date(ASN1_GENERALIZEDTIME *tm);
void resort_certificates(CertList **data, WhichCerts ctype);
int setup_certs_backup_by_type(WhichCerts ctype);
+char *smime_get_cn(X509_NAME *);
+
#endif /* PITH_SMKEYS_INCLUDED */
#endif /* SMIME */
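Review bot: The new prototype `char *smime_get_cn(X509_NAME *);` omits the parameter name and says nothing about ownership of the returned string. The definition returns `cpystr(buf)` and `free_certlist` releases the field with `fs_give`, so a one-line comment such as `/* returns a newly allocated copy of the subject's common name; caller frees with fs_give() */` and a named parameter, `char *smime_get_cn(X509_NAME *subject);`, would document that contract.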