Re: [Mutt] #3899: mutt_ssl's interactive_check_cert() has several issues

Wed, 30 Nov 2016 13:24:01 -0800 

#3899: mutt_ssl's interactive_check_cert() has several issues
-----------------------+----------------------
  Reporter:  kevin8t8  |      Owner:  mutt-dev
      Type:  defect    |     Status:  closed
  Priority:  major     |  Milestone:
 Component:  crypto    |    Version:
Resolution:  fixed     |   Keywords:
-----------------------+----------------------

Comment (by derekmartin):

 The struct version would look something like this:

 {{{
 static int get_cert_check_parts(X509_NAME *n, mutt_cert_check_parts *cp)
 {
     buf[STRING];
     /* if this can fail, return FAIL? */
     cp->common_name = x509_get_part(n, NID_commonName);
     cp->email_addr = x509_get_part(n, NID_pkcs9_emailAddress);
     cp->org_name = x509_get_part(n, NID_organizationName);
     cp->org_unit_name = x509_get_part(n, NID_organizationalUnitName);
     cp->locality = x509_get_part(n, NID_localityName);
     cp->state_prov = x509_get_part(n, NID_stateOrProvince);
     cp->country = x509_get_part(n, NID_countryName);
     return SUCCESS;
 }

 /* optionally could take int *row here... */
 static void sprintf_cert_menu(MUTTMENU *menu, mutt_cert_check_parts *cp)
 {
     int row = 0;
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->common_name);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->email_addr);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->org_name);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s",
 cp->org_unit_name);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->locality);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->state_prov);
     snprintf(menu->dialog[row++], SHORT_STRING, "  %s", cp->country);
 }

 static int interactive_cert_check(...)
 {
     X509_NAME *issuer;
     X509_NAME *subject;
     mutt_cert_check_parts issuer_parts;
     mutt_cert_check_parts subject_parts;

     [...]

     issuer = X509_get_issuer_name(cert);
     /* handle error if appropriate */
     get_cert_check_parts(issuer, &issuer_parts);
     sprintf_cert_menu(menu, &issuer_parts);

     subject = X509_get_subject_name(cert);
     /* handle error if appropriate */
     get_cert_check_parts(subject, &issuer_parts);
     sprintf_cert_menu(menu, &subject_parts);
     [...]

 }

--
Ticket URL: <https://dev.mutt.org/trac/ticket/3899#comment:11>
Mutt <http://www.mutt.org/>
The Mutt mail user agent

Reply via email to