authorEduardo Chappa <chappa@washington.edu>2015-09-09 19:01:12 -0600
committerEduardo Chappa <chappa@washington.edu>2015-09-09 19:01:12 -0600
commit6bcba429b8feb23fa3de2ee8d77bfa80785676ed (patch)
tree8d4b15160beb2ee15b5bb3719f1b58b7e297790d /pith
parent8cc4a2fc0e42e07a61d51bffd882d9251332a5ed (diff)
downloadalpine-6bcba429b8feb23fa3de2ee8d77bfa80785676ed.tar.xz
* SMIME: Offer the common name of the person, instead of the name of the
file containing the certificate, as the name to be displayed in the certificate management screen for certificate authorities. Suggested by Matthias Rieber.
Diffstat (limited to 'pith')
-rw-r--r--pith/conftype.h3
-rw-r--r--pith/pine.hlp7
-rw-r--r--pith/smime.c9
-rw-r--r--pith/smkeys.c21
-rw-r--r--pith/smkeys.h2
5 files changed, 36 insertions, 6 deletions
diff --git a/pith/conftype.h b/pith/conftype.h
index 8c89fa28..b7ec5eb0 100644
--- a/pith/conftype.h
+++ b/pith/conftype.h
@@ -683,7 +683,8 @@ typedef struct certdata {
} CertData;
typedef struct certlist {
- char *name;
+ char *name; /* file name */
+ char *cn; /* CN field from certificate */
void *x509_cert; /* this is type (X509 *) */
CertData data;
struct certlist *next;
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 21a18299..cac10d74 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
reasonable place to be called from.
Dummy change to get revision in pine.hlp
============= h_revision =================
-Alpine Commit 101 2015-09-08 19:54:50
+Alpine Commit 102 2015-09-09 19:01:06
============= h_news =================
<HTML>
<HEAD>
@@ -199,6 +199,11 @@ Additions include:
<LI> SMIME: Certificate information in the S/MIME screen is available
for certificates stored in a cotainer.
+ <LI> SMIME: Offer the common name of the person, instead of the name of
+ file containing the certificate, as the name to be displayed in the
+ certificate management screen for certificate authorities.
+ Suggested by Matthias Rieber.
+
<LI> HTML: Add support for decoding entities in hexadecimal notation.
Suggested by Tulip&aacute;nt Gergely.
diff --git a/pith/smime.c b/pith/smime.c
index dd5745f9..c8c350be 100644
--- a/pith/smime.c
+++ b/pith/smime.c
@@ -918,10 +918,11 @@ certlist_from_personal_certs(PERSONAL_CERT *pc)
x = get_cert_for(pc->name, Public);
if(x){
if(x->cert_info){
- cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
- cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
- get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
- cl->data.md5 = cpystr(buf);
+ cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore);
+ cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
+ get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
+ cl->data.md5 = cpystr(buf);
+ cl->cn = smime_get_cn(x->cert_info->subject);
}
X509_free(x);
}
diff --git a/pith/smkeys.c b/pith/smkeys.c
index 73e3cdbe..c6feb567 100644
--- a/pith/smkeys.c
+++ b/pith/smkeys.c
@@ -141,6 +141,8 @@ setup_certs_backup_by_type(WhichCerts ctype)
cert->data.date_to = cpystr(cl->data.date_to);
if(cl->data.md5 != NULL)
cert->data.md5 = cpystr(cl->data.md5);
+ if(cl->cn != NULL)
+ cert->cn = cpystr(cl->cn);
snprintf(buf2, len, "%s.%s", cl->name, cl->data.md5);
buf2[sizeof(buf2)-1] = '\0';
cert->name = cpystr(buf2);
@@ -197,6 +199,8 @@ setup_certs_backup_by_type(WhichCerts ctype)
if((in = BIO_new_file(buf2, "r"))!=0){
x = PEM_read_bio_X509(in, NULL, NULL, NULL);
if(x && x->cert_info){ /* for now copy this information */
+ X509_NAME_ENTRY *e;
+
cert = fs_get(sizeof(CertList));
memset((void *)cert, 0, sizeof(CertList));
cert->x509_cert = x;
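Review bot: The `X509_NAME_ENTRY *e;` declared at the top of this `if(x && x->cert_info)` block is not used in any visible line; the entry lookup lives in `smime_get_cn`, which the next hunk calls. Unless `e` is used further down in setup_certs_backup_by_type, outside this hunk, drop the declaration so the build does not pick up an unused-variable warning.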
@@ -205,6 +209,7 @@ setup_certs_backup_by_type(WhichCerts ctype)
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
cert->name = cpystr(df->d_name);
+ cert->cn = smime_get_cn(x->cert_info->subject);
/* we will use the cert->data.md5 variable to find a backup
certificate, not the name */
if(data == NULL)
@@ -245,6 +250,17 @@ setup_certs_backup_by_type(WhichCerts ctype)
return rv;
}
+char *
+smime_get_cn(X509_NAME *subject)
+{
+ char buf[256];
+ X509_NAME_ENTRY *e;
+ e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-2);
+ if(e)
+ X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf));
+ return cpystr(buf);
+}
+
int
compare_certs_by_name(const void *data1, const void *data2)
{
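Review bot: `smime_get_cn` copies `buf` even when nothing was written to it: for a subject with fewer than two entries `X509_NAME_get_entry` is handed a negative index and returns NULL, and the return value of `X509_NAME_get_text_by_OBJ` is ignored, so `cpystr(buf)` can read uninitialized stack memory and put the result on the certificate management screen. The callers in this commit pass subjects parsed from certificate files, so the subject layout should be treated as untrusted input. Taking the entry at `X509_NAME_entry_count(subject)-2` also assumes the CN is always second to last, which a subject need not follow; when it is not, some other attribute is shown as the name. I would declare `char buf[256] = "";` and replace the entry lookup with `X509_NAME_get_text_by_NID(subject, NID_commonName, buf, sizeof(buf));`, which leaves an empty string when there is no CN so the display code can fall back to the file name.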
@@ -456,6 +472,7 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata)
cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter);
get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL);
cert->data.md5 = cpystr(buf);
+ cert->cn = smime_get_cn(x->cert_info->subject);
X509_free(x);
}
BIO_free(in);
@@ -1271,6 +1288,7 @@ add_to_end_of_certlist(CertList **cl, char *name, X509 *cert)
new->data.date_to = smime_get_date(cert->cert_info->validity->notAfter);
get_fingerprint(cert, EVP_md5(), buf, sizeof(buf), NULL);
new->data.md5 = cpystr(buf);
+ new->cn = smime_get_cn(cert->cert_info->subject);
}
if(!*cl){
@@ -1301,6 +1319,9 @@ free_certlist(CertList **cl)
if((*cl)->name)
fs_give((void **) &(*cl)->name);
+ if((*cl)->cn)
+ fs_give((void **) &(*cl)->cn);
+
if((*cl)->x509_cert)
X509_free((X509 *) (*cl)->x509_cert);
diff --git a/pith/smkeys.h b/pith/smkeys.h
index 37a92a90..e7dbe396 100644
--- a/pith/smkeys.h
+++ b/pith/smkeys.h
@@ -66,6 +66,8 @@ int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X50
char *smime_get_date(ASN1_GENERALIZEDTIME *tm);
void resort_certificates(CertList **data, WhichCerts ctype);
int setup_certs_backup_by_type(WhichCerts ctype);
+char *smime_get_cn(X509_NAME *);
+
#endif /* PITH_SMKEYS_INCLUDED */
#endif /* SMIME */
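Review bot: The new prototype `char *smime_get_cn(X509_NAME *);` omits the parameter name and says nothing about who owns the result. The function returns a `cpystr` copy that `free_certlist` releases with `fs_give`, so I would write `char *smime_get_cn(X509_NAME *subject);` and add a comment such as `/* returns an allocated copy of the subject CN; caller frees with fs_give */`.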