diff options
author | Eduardo Chappa <chappa@washington.edu> | 2014-04-25 17:31:25 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2014-04-25 17:31:25 -0600 |
commit | e797af007ccac26651f003bcead095f79994d5a0 (patch) | |
tree | b291d66106dcbfba990b6a8f4f9d0986fb76abe1 /pith/conftype.h | |
parent | 06525250787f8f774afa7f25901a8a805f2a29db (diff) | |
download | alpine-e797af007ccac26651f003bcead095f79994d5a0.tar.xz |
* When downloading a signed message, and processing it, we use
body->nested.part instead of b->nested.part in the
do_detached_signature_verify function, and save its body and mime
headers in create_local_cache. Now all signed messages should
verify correctly.
* Protect against potential crash bug in write_passfile function by
checking if text != NULL. text can only be null if there are no
passwords to save. We assume we could get write_passfile called
with null arguments, so this is just to protect that.
* Add handling of corner cases to several functions by initializing some
variables. Reported and patched by James Jerkins.
* When selecting the certificate/key pair to encrypt/decrypt the password
file choose it in this order:
- if -pwdcertdir is given look for certificates there, if nothing
there, we bail out;
- otherwise we look in the default directory, if anything there
and it matches to be a key/cert pair, we use it;
- otherwise we check if smime_init() has been called. If not
we call it;
- we check if a key/cert pair has been found with smime initialized,
if so, use it and copy it to the default directory;
- if not, check if there is anything in the default smime directories
(.alpine-smime/private and .alpine-smime/public), and in this
case copy it to the default.
- otherwise we bail. We will eventually create a certificate/key
pair for the user;
- finally, if we called smime_init(), we call smime_deinit().
Throughout this process, if smime_init() was not called before
we tried to get the cert/key pair we exit this process without
ps_global->smime->inited set, so that other process that need
to call smime_init() get the right structure initialized. This is
done because we might pick a cert/key pair to decrypt the password
file.
Diffstat (limited to 'pith/conftype.h')
-rw-r--r-- | pith/conftype.h | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/pith/conftype.h b/pith/conftype.h index d8636b48..16e8de25 100644 --- a/pith/conftype.h +++ b/pith/conftype.h @@ -673,8 +673,8 @@ typedef enum {Directory, Container, Keychain, Nada} SmimeHolderType; typedef enum {Public, Private, CACert} WhichCerts; typedef struct certdata { - unsigned deleted:1; /* certificate is marked deleted */ - unsigned renew:1; /* we must renew this list, set at top cert */ + unsigned deleted:1; /* certificate is marked deleted */ + unsigned renew:1; /* we must renew this list, set at top cert */ } CertData; typedef struct certlist { @@ -693,9 +693,6 @@ typedef struct smime_stuff { unsigned already_auto_asked:1; /* asked for passphrase automatically, not again */ volatile char passphrase[100]; /* storage for the entered passphrase */ char **passphrase_emailaddr; /* pointer to allocated storage */ -#ifdef PASSFILE - void *pwdcert; /* this has type (PERSONAL_CERT *) */ -#endif /* PASSFILE */ /* * If we are using the Container type it is easiest if we @@ -724,7 +721,7 @@ typedef struct smime_stuff { #define DATACERT(X) (((X) == Public ? ps_global->smime->publiccertlist \ : ((X) == Private ? ps_global->smime->privatecertlist \ - : ((X) == CACert ? ps_global->smime->cacertlist : NULL)))) + : ps_global->smime->cacertlist))) #define PATHCERTDIR(X) (((X) == Public ? ps_global->smime->publicpath \ : ((X) == Private ? ps_global->smime->privatepath \ @@ -740,7 +737,7 @@ typedef struct smime_stuff { #define EXTCERT(X) (((X) == Public ? ".crt" \ : ((X) == Private ? ".key" \ - : ((X) == CACert ? ".crt" : NULL)))) + : ((X) == CACert ? ".crt" : "")))) #define DELETEDCERT(X) ((X)->data.deleted) #define RENEWCERT(X) ((X)->data.renew) |