From 6bcba429b8feb23fa3de2ee8d77bfa80785676ed Mon Sep 17 00:00:00 2001 From: Eduardo Chappa Date: Wed, 9 Sep 2015 19:01:12 -0600 Subject: * SMIME: Offer the common name of the person, instead of the name of file containing the certificate, as the name to be displayed in the certificate management screen for certificate authorities. Suggested by Matthias Rieber. --- alpine/smime.c | 14 ++++++++------ pith/conftype.h | 3 ++- pith/pine.hlp | 7 ++++++- pith/smime.c | 9 +++++---- pith/smkeys.c | 21 +++++++++++++++++++++ pith/smkeys.h | 2 ++ 6 files changed, 44 insertions(+), 12 deletions(-) diff --git a/alpine/smime.c b/alpine/smime.c index 9a3b109d..5e2ae752 100644 --- a/alpine/smime.c +++ b/alpine/smime.c @@ -383,7 +383,7 @@ output_cert_info(X509 *cert, gf_io_t pc) gf_puts(NEWLINE, spc); } else{ - gf_puts_uline("Subject (whose certificate it is)", spc); + gf_puts_uline("Certificate Owner", spc); gf_puts(NEWLINE, spc); output_X509_NAME(cert->cert_info->subject, spc); 
@@ -1387,21 +1387,22 @@ void smime_manage_certs_init(struct pine *ps, CONF_S **ctmp, CONF_S **first_line e = strlen(cl->name); if(ctype != Private && SMHOLDERTYPE(ctype) == Directory) - e -= 4; /* remove extension length FIX FIX FIX */ + e -= 4; /* remove extension length */ + e = MIN(e, ps->ttyo->screen_cols/3); /* do not use too much screen */ nf = 5; /* there are 5 fields */ s = 3; /* status has fixed size */ df = dt = 10; /* date from and date to have fixed size */ md5 = ps->ttyo->screen_cols - s - df - dt - e - (nf - 1); - memset(u, '\0', sizeof(u)); t = u; smime_setup_size(&t, sizeof(u), s); smime_setup_size(&t, sizeof(u) - strlen(t), e); smime_setup_size(&t, sizeof(u) - strlen(t), df); - *t++ = ' '; /* leave an extra space between dates */ + *t++ = ' '; /* leave an extra space between dates */ smime_setup_size(&t, sizeof(u) - strlen(t), dt); - *t++ = ' '; /* and another space between date and md5 sum */ + *t++ = ' '; /* and another space between date and md5 sum */ smime_setup_size(&t, sizeof(u) - strlen(t), md5); + *t = '\0'; /* tie off */ for(cl = data, i = 0; cl; cl = cl->next) if(cl->name){ @@ -1422,7 +1423,8 @@ void smime_manage_certs_init(struct pine *ps, CONF_S **ctmp, CONF_S **first_line (*ctmp)->d.s.address[sizeof((*ctmp)->d.s.address) - 1] = '\0'; snprintf(tmp, sizeof(tmp), u, (*ctmp)->d.s.deleted ? "D" : " ", - cl->name, DATEFROMCERT(cl), DATETOCERT(cl), MD5CERT(cl)); + ctype == CACert ? cl->cn : cl->name, + DATEFROMCERT(cl), DATETOCERT(cl), MD5CERT(cl)); if(ctype != Private && SMHOLDERTYPE(ctype) == Directory) cl->name[strlen(cl->name)] = '.'; (*ctmp)->value = cpystr(tmp); diff --git a/pith/conftype.h b/pith/conftype.h index 8c89fa28..b7ec5eb0 100644 --- a/pith/conftype.h +++ b/pith/conftype.h @@ -683,7 +683,8 @@ typedef struct certdata { } CertData; typedef struct certlist { - char *name; + char *name; /* file name */ + char *cn; /* CN field from certificate */ void *x509_cert; /* this is type (X509 *) */ CertData data; struct certlist *next; 
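Review bot: In the `snprintf` call of the second hunk, `ctype == CACert ? cl->cn : cl->name` passes `cl->cn` with no NULL check. The other hunks appear to assign `cn` only when `cert_info` is present, and setup_certs_backup_by_type copies it only `if(cl->cn != NULL)`, so a CA entry without it would hand a null pointer to a string conversion. Falling back to the file name keeps the screen usable: `ctype == CACert && cl->cn ? cl->cn : cl->name,`. The width `e` in the hunk above is still taken from `strlen(cl->name)`, so the `MIN(e, ps->ttyo->screen_cols/3)` cap sizes the column by file name rather than by the CN now shown; whether a long CN is truncated depends on the format smime_setup_size builds, which is outside the hunk. Both hunks sit inside smime_manage_certs_init, whose body starts and ends outside them.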
diff --git a/pith/pine.hlp b/pith/pine.hlp index 21a18299..cac10d74 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 101 2015-09-08 19:54:50 +Alpine Commit 102 2015-09-09 19:01:06 ============= h_news ================= @@ -199,6 +199,11 @@ Additions include:
  • SMIME: Certificate information in the S/MIME screen is available for certificates stored in a cotainer. +
  • SMIME: Offer the common name of the person, instead of the name of + file containing the certificate, as the name to be displayed in the + certificate management screen for certificate authorities. + Suggested by Matthias Rieber. +
  • HTML: Add support for decoding entities in hexadecimal notation. Suggested by Tulipánt Gergely. diff --git a/pith/smime.c b/pith/smime.c index dd5745f9..c8c350be 100644 --- a/pith/smime.c +++ b/pith/smime.c @@ -918,10 +918,11 @@ certlist_from_personal_certs(PERSONAL_CERT *pc) x = get_cert_for(pc->name, Public); if(x){ if(x->cert_info){ - cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore); - cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter); - get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); - cl->data.md5 = cpystr(buf); + cl->data.date_from = smime_get_date(x->cert_info->validity->notBefore); + cl->data.date_to = smime_get_date(x->cert_info->validity->notAfter); + get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); + cl->data.md5 = cpystr(buf); + cl->cn = smime_get_cn(x->cert_info->subject); } X509_free(x); } diff --git a/pith/smkeys.c b/pith/smkeys.c index 73e3cdbe..c6feb567 100644 --- a/pith/smkeys.c +++ b/pith/smkeys.c @@ -141,6 +141,8 @@ setup_certs_backup_by_type(WhichCerts ctype) cert->data.date_to = cpystr(cl->data.date_to); if(cl->data.md5 != NULL) cert->data.md5 = cpystr(cl->data.md5); + if(cl->cn != NULL) + cert->cn = cpystr(cl->cn); snprintf(buf2, len, "%s.%s", cl->name, cl->data.md5); buf2[sizeof(buf2)-1] = '\0'; cert->name = cpystr(buf2); @@ -197,6 +199,8 @@ setup_certs_backup_by_type(WhichCerts ctype) if((in = BIO_new_file(buf2, "r"))!=0){ x = PEM_read_bio_X509(in, NULL, NULL, NULL); if(x && x->cert_info){ /* for now copy this information */ + X509_NAME_ENTRY *e; + cert = fs_get(sizeof(CertList)); memset((void *)cert, 0, sizeof(CertList)); cert->x509_cert = x; @@ -205,6 +209,7 @@ setup_certs_backup_by_type(WhichCerts ctype) get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); cert->name = cpystr(df->d_name); + cert->cn = smime_get_cn(x->cert_info->subject); /* we will use the cert->data.md5 variable to find a backup certificate, not the name */ if(data == NULL) 
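Review bot: The declaration `X509_NAME_ENTRY *e;` added at the top of the `if(x && x->cert_info)` block in setup_certs_backup_by_type is not used by any line visible in this hunk; the new `cert->cn = smime_get_cn(x->cert_info->subject);` does the lookup itself. If nothing later in the block uses it (the block continues past the hunk), drop the declaration to avoid an unused-variable warning.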
@@ -245,6 +250,17 @@ setup_certs_backup_by_type(WhichCerts ctype) return rv; } +char * +smime_get_cn(X509_NAME *subject) +{ + char buf[256]; + X509_NAME_ENTRY *e; + e = X509_NAME_get_entry(subject, X509_NAME_entry_count(subject)-2); + if(e) + X509_NAME_get_text_by_OBJ(subject, e->object, buf, sizeof(buf)); + return cpystr(buf); +} + int compare_certs_by_name(const void *data1, const void *data2) { @@ -456,6 +472,7 @@ add_certs_in_dir(X509_LOOKUP *lookup, char *path, char *ext, CertList **cdata) cert->data.date_to = smime_get_date(x->cert_info->validity->notAfter); get_fingerprint(x, EVP_md5(), buf, sizeof(buf), NULL); cert->data.md5 = cpystr(buf); + cert->cn = smime_get_cn(x->cert_info->subject); X509_free(x); } BIO_free(in); @@ -1271,6 +1288,7 @@ add_to_end_of_certlist(CertList **cl, char *name, X509 *cert) new->data.date_to = smime_get_date(cert->cert_info->validity->notAfter); get_fingerprint(cert, EVP_md5(), buf, sizeof(buf), NULL); new->data.md5 = cpystr(buf); + new->cn = smime_get_cn(cert->cert_info->subject); } if(!*cl){ @@ -1301,6 +1319,9 @@ free_certlist(CertList **cl) if((*cl)->name) fs_give((void **) &(*cl)->name); + if((*cl)->cn) + fs_give((void **) &(*cl)->cn); + if((*cl)->x509_cert) X509_free((X509 *) (*cl)->x509_cert); diff --git a/pith/smkeys.h b/pith/smkeys.h index 37a92a90..e7dbe396 100644 --- a/pith/smkeys.h +++ b/pith/smkeys.h @@ -66,6 +66,8 @@ int load_cert_for_key(char *pathdir, EVP_PKEY *pkey, char **certfile, X50 char *smime_get_date(ASN1_GENERALIZEDTIME *tm); void resort_certificates(CertList **data, WhichCerts ctype); int setup_certs_backup_by_type(WhichCerts ctype); +char *smime_get_cn(X509_NAME *); + #endif /* PITH_SMKEYS_INCLUDED */ #endif /* SMIME */ -- cgit v1.2.3-54-g00ecf
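Review bot: `smime_get_cn` calls `cpystr(buf)` even when `X509_NAME_get_entry` returns NULL, and `buf` is never initialised, so a subject with fewer than two entries makes it copy uninitialised stack bytes up to whatever NUL happens to follow. It also assumes the common name is the second-to-last subject entry; issuers are free to order attributes differently, so the management screen can show some other attribute as the owner's name. The return value of the text lookup is not checked either. Starting from an empty buffer and looking the CN up by NID gives a defined result for every certificate. The same helper feeds the `cn` assignments in certlist_from_personal_certs, setup_certs_backup_by_type, add_certs_in_dir and add_to_end_of_certlist.
```c
char *
smime_get_cn(X509_NAME *subject)
{
  char buf[256];

  buf[0] = '\0';		/* defined result when there is no CN */
  if(subject != NULL
     && X509_NAME_get_text_by_NID(subject, NID_commonName, buf, sizeof(buf)) < 0)
    buf[0] = '\0';		/* lookup failed: keep the empty string */

  return cpystr(buf);
}
```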