[pan2] Fix saving of SSL certificate
- From: Petr Kovář <pmkovar src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [pan2] Fix saving of SSL certificate
- Date: Mon, 29 Feb 2016 17:53:14 +0000 (UTC)
commit 6b1b345bffce88437989f7f96c85b8c657413ae3
Author: Detlef Graef <detlef graef yahoo de>
Date: Sat Feb 27 21:30:02 2016 +0100
Fix saving of SSL certificate
pan/data/cert-store.cc | 25 ++++++++++++++++---------
1 files changed, 16 insertions(+), 9 deletions(-)
---
diff --git a/pan/data/cert-store.cc b/pan/data/cert-store.cc
index aa65772..7e928fa 100644
--- a/pan/data/cert-store.cc
+++ b/pan/data/cert-store.cc
@@ -331,39 +331,46 @@ bool CertStore::add(gnutls_x509_crt_t cert, const Quark& server) {
if (!cert || server.empty())
return false;
- std::string addr;
+ std::string addr, cert_file_name, cert_file_name_wp;
int port;
_data.get_server_addr(server, addr, port);
_cert_to_server[server] = cert;
std::stringstream buffer;
buffer << addr << ".pem";
- const char* buf(buffer.str().c_str());
+ cert_file_name = buffer.str().c_str();
+ cert_file_name_wp = file::absolute_fn("ssl_certs", cert_file_name.c_str()).c_str();
- FILE * fp = fopen(file::absolute_fn("ssl_certs", buf).c_str(), "wb");
+ FILE * fp = fopen(cert_file_name_wp.c_str(), "wb");
if (!fp)
return false;
- _data.set_server_cert(server, buf);
+ _data.set_server_cert(server, cert_file_name.c_str());
SaveCBStruct* cbstruct = new SaveCBStruct(*this, server, _data);
g_idle_add(save_server_props_cb, cbstruct);
- size_t outsize;
+ int rc1 = 99;
+ int rc2 = 99;
+ size_t outsize = 0;
/* make up for dumbness of this function */
- gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, NULL, &outsize);
+ rc1 = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, NULL, &outsize);
char* out = new char[outsize];
- gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, out, &outsize);
+ rc2 = gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_PEM, out, &outsize);
+ if (rc2 != 0) {
+ Log::add_err_va (_("Couldn't export certificate for server: %s"), addr.c_str());
+ } else {
fputs((const char*) out, fp);
-
+ }
+
debug_SSL_verbatim("\n===========================================");
debug_SSL_verbatim(out);
debug_SSL_verbatim("\n===========================================");
delete out;
fclose(fp);
- chmod(buf, 0600);
+ chmod(cert_file_name_wp.c_str(), 0600);
gnutls_certificate_set_x509_trust(_creds, &cert, 1); // for now, only 1 is saved
valid_cert_added(cert, server.c_str());
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]