author | Eduardo Chappa <chappa@washington.edu> | 2015-09-09 19:01:12 -0600 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2015-09-09 19:01:12 -0600 |
commit | 6bcba429b8feb23fa3de2ee8d77bfa80785676ed (patch) | |
tree | 8d4b15160beb2ee15b5bb3719f1b58b7e297790d /pith | |
parent | 8cc4a2fc0e42e07a61d51bffd882d9251332a5ed (diff) | |
download | alpine-6bcba429b8feb23fa3de2ee8d77bfa80785676ed.tar.xz |
* SMIME: Offer the common name of the person, instead of the name of the
file containing the certificate, as the name to be displayed in the
certificate management screen for certificate authorities. Suggested
by Matthias Rieber.
Diffstat (limited to 'pith')
-rw-r--r-- | pith/conftype.h | 3 | ||||
-rw-r--r-- | pith/pine.hlp | 7 | ||||
-rw-r--r-- | pith/smime.c | 9 | ||||
-rw-r--r-- | pith/smkeys.c | 21 | ||||
-rw-r--r-- | pith/smkeys.h | 2 |
5 files changed, 36 insertions, 6 deletions
diff --git a/pith/conftype.h b/pith/conftype.h index 8c89fa28..b7ec5eb0 100644 --- a/pith/conftype.h +++ b/pith/conftype.h @@ -683,7 +683,8 @@ typedef struct certdata { } CertData; typedef struct certlist { - char *name; + char *name; /* file name */ + char *cn; /* CN field from certificate */ void *x509_cert; /* this is type (X509 *) */ CertData data; struct certlist *next; diff --git a/pith/pine.hlp b/pith/pine.hlp index 21a18299..cac10d74 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 101 2015-09-08 19:54:50 +Alpine Commit 102 2015-09-09 19:01:06 ============= h_news ================= <HTML> <HEAD> @@ -199,6 +199,11 @@ Additions include: <LI> SMIME: Certificate information in the S/MIME screen is available for certificates stored in a cotainer. + <LI> SMIME: Offer the common name of the person, instead of the name of + file containing the certificate, as the name to be displayed in the + certificate management screen for certificate authorities. + Suggested by Matthias Rieber. + <LI> HTML: Add support for decoding entities in hexadecimal notation. Suggested by Tulipánt Gergely. diff --git a/pith/smime.c b/pith/smime.c index dd5745f9..c8c350be 100644 --- a/pith/smime.c +++ b/pith/smime.c 
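Review bot: The comment on the new `cn` member of `struct certlist` in pith/conftype.h says only "CN field from certificate", which leaves out who owns the string and how far it can be trusted. The other hunks fill it with a `cpystr()` copy and release it in `free_certlist()`, and the text comes from the certificate's subject, so it is chosen by whoever created the certificate. I would write it as `char *cn; /* heap copy of subject CN, freed by free_certlist(); display label only, may be NULL */`. The struct definition continues outside the hunk.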
@@ -918,10 +918,11 @@ certlist_from_personal_certs(PERSONAL_CERT *pc) x = get_cert_for(pc->name, Public); if(x){ if(x->cert_info){ - cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore); - cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter); - get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); - cl->data.md5 = cpystr(buf); + cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore); + cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter); + get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); + cl->data.md5 = cpystr(buf); + cl->cn = smime_get_cn(x->cert_info->subject); } X509_free(x); } diff --git a/pith/smkeys.c b/pith/smkeys.c index 73e3cdbe..c6feb567 100644 --- a/pith/smkeys.c +++ b/pith/smkeys.c @@ -141,6 +141,8 @@ setup_certs_backup_by_type(WhichCerts ctype) cert->data.date_to = cpystr(cl->data.date_to); if(cl->data.md5 != NULL) cert->data.md5 = cpystr(cl->data.md5); + if(cl->cn != NULL) + cert->cn = cpystr(cl->cn); snprintf(buf2, len, "%s.%s", cl->name, cl->data.md5); buf2[sizeof(buf2)-1] = '\0'; cert->name = cpystr(buf2); @@ -197,6 +199,8 @@ setup_certs_backup_by_type(WhichCerts ctype) if((in = BIO_new_file(buf2, "r"))!=0){ x = PEM_read_bio_X509(in, NULL, NULL, NULL); if(x && x->cert_info){ /* for now copy this information */ + X509_NAME_ENTRY *e; + cert = fs_get(sizeof(CertList)); memset((void *)cert, 0, sizeof(CertList)); cert->x509_cert = x; @@ -205,6 +209,7 @@ setup_certs_backup_by_type(WhichCerts ctype) get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); cert->name = cpystr(df->d_name); + cert->cn = smime_get_cn(x->cert_info->subject); /* we will use the cert->data.md5 variable to find a backup certificate, not the name */ if(data == NULL) 
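Review bot: The declaration `X509_NAME_ENTRY *e;` added at the top of the `if(x && x->cert_info){` branch in setup_certs_backup_by_type() (smkeys.c, hunk at -197) is not used in any visible line. The common name is obtained through `smime_get_cn(x->cert_info->subject)` in the next hunk instead. Unless `e` is used further down outside the hunk, drop the declaration and the blank line after it so the function builds cleanly with `-Wunused-variable`. The function body starts and ends outside the hunk.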
@@ -245,6 +250,17 @@ setup_certs_backup_by_type(WhichCerts ctype) return rv; } +char * +smime_get_cn(X509_NAME *subject) +{ + char buf[256]; + X509_NAME_ENTRY *e; + e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-2); + if(e) + X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf)); + return cpystr(buf); +} + int compare_certs_by_name(const void *data1, const void *data2) { @@ -456,6 +472,7 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata) cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter); get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); + cert->cn = smime_get_cn(x->cert_info->subject); X509_free(x); } BIO_free(in); @@ -1271,6 +1288,7 @@ add_to_end_of_certlist(CertList **cl, char *name, X509 *cert) new->data.date_to = smime_get_date(cert->cert_info->validity->notAfter); get_fingerprint(cert, EVP_md5(), buf, sizeof(buf), NULL); new->data.md5 = cpystr(buf); + new->cn = smime_get_cn(cert->cert_info->subject); } if(!*cl){ @@ -1301,6 +1319,9 @@ free_certlist(CertList **cl) if((*cl)->name) fs_give((void **) &(*cl)->name); + if((*cl)->cn) + fs_give((void **) &(*cl)->cn); + if((*cl)->x509_cert) X509_free((X509 *) (*cl)->x509_cert); diff --git a/pith/smkeys.h b/pith/smkeys.h index 37a92a90..e7dbe396 100644 --- a/pith/smkeys.h +++ b/pith/smkeys.h @@ -66,6 +66,8 @@ int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X50 char *smime_get_date(ASN1_GENERALIZEDTIME *tm); void resort_certificates(CertList **data, WhichCerts ctype); int setup_certs_backup_by_type(WhichCerts ctype); +char *smime_get_cn(X509_NAME *); + #endif /* PITH_SMKEYS_INCLUDED */ #endif /* SMIME */ |
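Review bot: In the new `smime_get_cn()`, `buf` reaches `cpystr()` uninitialised whenever `X509_NAME_get_entry()` returns NULL or `X509_NAME_get_text_by_OBJ()` fails, so the function copies stack contents up to the first NUL byte. The index `X509_NAME_entry_count(subject)-2` also assumes the CN is the second-to-last entry, which the certificate's creator decides; a subject with fewer than two entries gives a negative index, and other layouts label the certificate with a different attribute. Because subjects can come from certificates received by mail, look the attribute up by `NID_commonName`, check the return value, and start from an empty buffer. The text is presumably shown as-is in the management screen, so control characters in the CN should be filtered before display; that code is not in this diff. Every call site added in this commit (smime.c and the three in smkeys.c) inherits the behaviour.

```c
char *
smime_get_cn(X509_NAME *subject)
{
  char buf[256];

  buf[0] = '\0';	/* never hand an uninitialised buffer to cpystr() */
  /* find the CN by NID rather than by its position in the subject */
  if(subject == NULL
     || X509_NAME_get_text_by_NID(subject, NID_commonName, buf, sizeof(buf)) < 0)
    buf[0] = '\0';
  return cpystr(buf);
}
```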