2 * ========================================================================
3 * Copyright 2013-2022 Eduardo Chappa
4 * Copyright 2008 University of Washington
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
10 * http://www.apache.org/licenses/LICENSE-2.0
12 * ========================================================================
16 * This is based on a contribution from Jonathan Paisley
19 * Author: paisleyj@dcs.gla.ac.uk
28 #include "../pith/charconv/utf8.h"
29 #include "../pith/status.h"
30 #include "../pith/store.h"
31 #include "../pith/conf.h"
32 #include "../pith/list.h"
33 #include "../pith/mailcmd.h"
34 #include "../pith/tempfile.h"
35 #include "../pith/body.h"
41 #include "confscroll.h"
45 /* internal prototypes */
46 void format_smime_info(int pass
, BODY
*body
, long msgno
, gf_o_t pc
);
47 void print_separator_line(int percent
, int ch
, gf_o_t pc
);
48 void output_cert_info(X509
*cert
, gf_o_t pc
);
49 void output_X509_NAME(X509_NAME
*name
, gf_o_t pc
);
50 void side_by_side(STORE_S
*left
, STORE_S
*right
, gf_o_t pc
);
51 STORE_S
*wrap_store(STORE_S
*in
, int width
);
52 void smime_config_init_display(struct pine
*, CONF_S
**, CONF_S
**);
53 void revert_to_saved_smime_config(struct pine
*ps
, SAVED_CONFIG_S
*vsave
);
54 SAVED_CONFIG_S
*save_smime_config_vars(struct pine
*ps
);
55 void free_saved_smime_config(struct pine
*ps
, SAVED_CONFIG_S
**vsavep
);
56 int smime_helper_tool(struct pine
*, int, CONF_S
**, unsigned);
57 void manage_certificates(struct pine
*, WhichCerts
);
59 void manage_password_file_certificates(struct pine
*);
61 void smime_manage_certs_init (struct pine
*, CONF_S
**, CONF_S
**, WhichCerts
, int);
62 void smime_manage_password_file_certs_init(struct pine
*, CONF_S
**, CONF_S
**, int, int *);
63 void display_certificate_information(struct pine
*, X509
*, char *, WhichCerts
, int num
);
64 int manage_certs_tool(struct pine
*ps
, int cmd
, CONF_S
**cl
, unsigned flags
);
65 int manage_certificate_info_tool(int, MSGNO_S
*, SCROLL_S
*);
66 void smime_setup_size(char **, size_t, size_t);
70 * prompt the user for their passphrase
71 * (possibly prompting with the email address in s_passphrase_emailaddr)
74 smime_get_passphrase(void)
79 HelpType help
= NO_HELP
;
81 assert(ps_global
->smime
!= NULL
);
82 snprintf(prompt
, sizeof(prompt
),
83 _("Enter passphrase for <%s>: "), (ps_global
->smime
&& ps_global
->smime
->passphrase_emailaddr
) ? ps_global
->smime
->passphrase_emailaddr
[0] : "unknown");
86 flags
= F_ON(F_QUELL_ASTERISKS
, ps_global
) ? OE_PASSWD_NOAST
: OE_PASSWD
;
87 flags
|= OE_DISALLOW_HELP
;
88 ((char *) ps_global
->smime
->passphrase
)[0] = '\0';
89 rc
= optionally_enter((char *) ps_global
->smime
->passphrase
,
90 -FOOTER_ROWS(ps_global
), 0,
91 sizeof(ps_global
->smime
->passphrase
),
92 prompt
, NULL
, help
, &flags
);
93 } while (rc
!=0 && rc
!=1 && rc
>0);
97 ps_global
->smime
->entered_passphrase
= 1;
100 return rc
; /* better return rc and make the caller check its return value */
104 smime_check(BODY
*body
)
109 if(body
->type
== TYPEMULTIPART
){
112 for(p
=body
->nested
.part
; p
&& rv
== 0; p
=p
->next
)
113 rv
+= smime_check(&p
->body
);
115 if(rv
> 0) return rv
;
117 p7
= get_body_sparep_type(body
->sparep
) == P7Type
118 ? (PKCS7
*)get_body_sparep_data(body
->sparep
)
120 if(p7
&& (PKCS7_type_is_signed(p7
) || PKCS7_type_is_enveloped(p7
)))
127 display_smime_info(struct pine
*ps
, ENVELOPE
*env
, BODY
*body
)
129 OtherMenu what
= FirstMenu
;
130 HANDLE_S
*handles
= NULL
;
132 STORE_S
*store
= NULL
;
136 msgno
= mn_m2raw(ps
->msgmap
, mn_get_cur(ps
->msgmap
));
137 store
= so_get(CharStar
, NULL
, EDIT_ACCESS
);
139 while(ps
->next_screen
== SCREEN_FUN_NULL
){
143 so_truncate(store
, 0);
145 view_writec_init(store
, &handles
, HEADER_ROWS(ps
),
147 ps
->ttyo
->screen_rows
- (HEADER_ROWS(ps
)
150 gf_puts_uline("Overview", view_writec
);
151 gf_puts(NEWLINE
, view_writec
);
153 format_smime_info(1, body
, msgno
, view_writec
);
154 gf_puts(NEWLINE
, view_writec
);
155 format_smime_info(2, body
, msgno
, view_writec
);
157 view_writec_destroy();
159 ps
->next_screen
= SCREEN_FUN_NULL
;
161 memset(&scrollargs
, 0, sizeof(SCROLL_S
));
162 scrollargs
.text
.text
= so_text(store
);
163 scrollargs
.text
.src
= CharStar
;
164 scrollargs
.text
.desc
= "S/MIME information";
165 scrollargs
.body_valid
= 1;
167 if(offset
){ /* resize? preserve paging! */
168 scrollargs
.start
.on
= Offset
;
169 scrollargs
.start
.loc
.offset
= offset
;
173 scrollargs
.bar
.title
= "S/MIME INFORMATION";
174 /* scrollargs.end_scroll = view_end_scroll; */
175 scrollargs
.resize_exit
= 1;
176 scrollargs
.help
.text
= NULL
;
177 scrollargs
.help
.title
= "HELP FOR S/MIME INFORMATION VIEW";
178 scrollargs
.keys
.menu
= &smime_info_keymenu
;
179 scrollargs
.keys
.what
= what
;
180 setbitmap(scrollargs
.keys
.bitmap
);
182 if(scrolltool(&scrollargs
) == MC_RESIZE
)
183 offset
= scrollargs
.start
.loc
.offset
;
190 smime_info_screen(struct pine
*ps
)
196 /* ps->prev_screen = smime_info_screen;
197 ps->next_screen = SCREEN_FUN_NULL; */
199 msgno
= mn_m2raw(ps
->msgmap
, mn_get_cur(ps
->msgmap
));
201 env
= mail_fetch_structure(ps
->mail_stream
, msgno
, &body
, 0);
204 q_status_message(SM_ORDER
, 0, 3,
205 _("Can't fetch body of message."));
209 if(smime_check(body
) == 0){
210 q_status_message(SM_ORDER
| SM_DING
, 0, 3,
211 _("Not a signed or encrypted message"));
215 if(mn_total_cur(ps
->msgmap
) > 1L){
216 q_status_message(SM_ORDER
| SM_DING
, 0, 3,
217 _("Can only view one message's information at a time."));
221 display_smime_info(ps
, env
, body
);
226 format_smime_info(int pass
, BODY
*body
, long msgno
, gf_o_t pc
)
231 if(body
->type
== TYPEMULTIPART
){
234 for(p
=body
->nested
.part
; p
; p
=p
->next
)
235 format_smime_info(pass
, &p
->body
, msgno
, pc
);
238 p7
= get_body_sparep_type(body
->sparep
) == P7Type
239 ? (PKCS7
*)get_body_sparep_data(body
->sparep
)
243 if(PKCS7_type_is_signed(p7
)){
244 STACK_OF(X509
) *signers
;
248 gf_puts(_("This message was cryptographically signed."), pc
);
249 gf_puts(NEWLINE
, pc
);
253 signers
= PKCS7_get0_signers(p7
, NULL
, 0);
257 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
, _("Certificate%s used for signing"),
258 plural(sk_X509_num(signers
)));
259 gf_puts_uline(tmp_20k_buf
, pc
);
260 gf_puts(NEWLINE
, pc
);
261 print_separator_line(100, '-', pc
);
263 for(i
=0; i
<sk_X509_num(signers
); i
++){
264 X509
*x
= sk_X509_value(signers
, i
);
267 output_cert_info(x
, pc
);
268 gf_puts(NEWLINE
, pc
);
273 sk_X509_free(signers
);
278 else if(PKCS7_type_is_enveloped(p7
)){
282 gf_puts(_("This message was encrypted."), pc
);
283 gf_puts(NEWLINE
, pc
);
287 if(p7
->d
.enveloped
&& p7
->d
.enveloped
->enc_data
){
288 X509_ALGOR
*alg
= p7
->d
.enveloped
->enc_data
->algorithm
;
289 STACK_OF(PKCS7_RECIP_INFO
) *ris
= p7
->d
.enveloped
->recipientinfo
;
292 gf_puts(_("The algorithm used to encrypt was "), pc
);
295 char *n
= (char *) OBJ_nid2sn( OBJ_obj2nid(alg
->algorithm
));
297 gf_puts(n
? n
: "<unknown>", pc
);
301 gf_puts("<unknown>", pc
);
303 gf_puts("." NEWLINE NEWLINE
, pc
);
305 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
, _("Certificate%s for decrypting"),
306 plural(sk_PKCS7_RECIP_INFO_num(ris
)));
307 gf_puts_uline(tmp_20k_buf
, pc
);
308 gf_puts(NEWLINE
, pc
);
309 print_separator_line(100, '-', pc
);
311 for(i
=0; i
<sk_PKCS7_RECIP_INFO_num(ris
); i
++){
312 PKCS7_RECIP_INFO
*ri
;
313 PERSONAL_CERT
*pcert
;
315 ri
= sk_PKCS7_RECIP_INFO_value(ris
, i
);
319 pcert
= find_certificate_matching_recip_info(ri
);
323 print_separator_line(25, '*', pc
);
324 gf_puts(NEWLINE
, pc
);
329 output_cert_info(pcert
->cert
, pc
);
330 gf_puts(NEWLINE
, pc
);
336 gf_puts(_("No certificate capable of decrypting could be found."), pc
);
337 gf_puts(NEWLINE
, pc
);
338 gf_puts(NEWLINE
, pc
);
350 print_separator_line(int percent
, int ch
, gf_o_t pc
)
354 len
= ps_global
->ttyo
->screen_cols
* percent
/ 100;
355 start
= (ps_global
->ttyo
->screen_cols
- len
)/2;
357 for(i
=0; i
<start
; i
++)
360 for(i
=start
; i
<start
+len
; i
++)
363 gf_puts(NEWLINE
, pc
);
368 output_cert_info(X509
*cert
, gf_o_t pc
)
371 STORE_S
*left
,*right
;
374 STACK_OF(X509
) *chain
;
376 left
= so_get(CharStar
, NULL
, EDIT_ACCESS
);
377 right
= so_get(CharStar
, NULL
, EDIT_ACCESS
);
381 gf_set_so_writec(&spc
, left
);
383 gf_puts_uline("Certificate Owner", spc
);
384 gf_puts(NEWLINE
, spc
);
386 output_X509_NAME(X509_get_subject_name(cert
), spc
);
387 gf_puts(NEWLINE
, spc
);
389 gf_puts_uline("Serial Number", spc
);
390 gf_puts(NEWLINE
, spc
);
397 bs
= X509_get_serialNumber(cert
);
398 if (bs
->length
<= (int)sizeof(long)){
399 l
= ASN1_INTEGER_get(bs
);
400 if (bs
->type
== V_ASN1_NEG_INTEGER
){
406 snprintf(buf
, sizeof(buf
), " %s%lu (%s0x%lx)", neg
, l
, neg
, l
);
408 snprintf(buf
, sizeof(buf
), "%s", bs
->type
== V_ASN1_NEG_INTEGER
? "(Negative)" : "");
409 for (i
= 0; i
< bs
->length
; i
++)
410 snprintf(buf
+ strlen(buf
), sizeof(buf
) - strlen(buf
), "%02x%s", bs
->data
[i
],
411 i
+1 == bs
->length
? "" : ":");
415 gf_puts(NEWLINE
, spc
);
416 gf_puts(NEWLINE
, spc
);
418 gf_puts_uline("Validity", spc
);
419 gf_puts(NEWLINE
, spc
);
420 { BIO
*mb
= BIO_new(BIO_s_mem());
423 gf_puts("Not Before: ", spc
);
425 (void) BIO_reset(mb
);
426 ASN1_UTCTIME_print(mb
, X509_get0_notBefore(cert
));
427 (void) BIO_flush(mb
);
428 while((len
= BIO_read(mb
, iobuf
, sizeof(iobuf
))) > 0)
429 gf_nputs(iobuf
, len
, spc
);
431 gf_puts(NEWLINE
, spc
);
433 gf_puts("Not After: ", spc
);
435 (void) BIO_reset(mb
);
436 ASN1_UTCTIME_print(mb
, X509_get0_notAfter(cert
));
437 (void) BIO_flush(mb
);
438 while((len
= BIO_read(mb
, iobuf
, sizeof(iobuf
))) > 0)
439 gf_nputs(iobuf
, len
, spc
);
441 gf_puts(NEWLINE
, spc
);
442 gf_puts(NEWLINE
, spc
);
447 gf_clear_so_writec(left
);
449 gf_set_so_writec(&spc
, right
);
451 gf_puts_uline("Issuer", spc
);
452 gf_puts(NEWLINE
, spc
);
454 output_X509_NAME(X509_get_issuer_name(cert
), spc
);
455 gf_puts(NEWLINE
, spc
);
457 gf_clear_so_writec(right
);
459 side_by_side(left
, right
, pc
);
461 gf_puts_uline("SHA1 Fingerprint", pc
);
462 gf_puts(NEWLINE
, pc
);
463 get_fingerprint(cert
, EVP_sha1(), buf
, sizeof(buf
), ":");
465 gf_puts(NEWLINE
, pc
);
467 gf_puts_uline("MD5 Fingerprint", pc
);
468 gf_puts(NEWLINE
, pc
);
469 get_fingerprint(cert
, EVP_md5(), buf
, sizeof(buf
), ":");
471 gf_puts(NEWLINE
, pc
);
472 gf_puts(NEWLINE
, pc
);
474 gf_puts_uline("Certificate Chain Information", pc
);
475 gf_puts(NEWLINE
, pc
);
477 if((chain
= get_chain_for_cert(cert
, &error
, &len
)) != NULL
){
484 for(i
= 0; i
< offset
; i
++) space
[i
] = ' ';
486 for(i
= -1; i
< sk_X509_num(chain
); i
++){
489 x
= i
== -1 ? cert
: sk_X509_value(chain
, i
);
493 space
[offset
+ i
+ 0] = ' ';
494 space
[offset
+ i
+ 1] = '\\';
495 space
[offset
+ i
+ 2] = '-';
496 space
[offset
+ i
+ 3] = ' ';
497 space
[offset
+ i
+ 4] = '\0';
501 space
[offset
] = '\0';
505 gf_puts_uline("Signed by: ", pc
);
507 gf_puts_uline("Issued to: ", pc
);
509 subject
= X509_get_subject_name(x
);
511 if((e
= X509_NAME_get_entry(subject
, X509_NAME_entry_count(subject
)-1)) != NULL
){
512 X509_NAME_get_text_by_OBJ(subject
, X509_NAME_ENTRY_get_object(e
), buf
, sizeof(buf
));
514 gf_puts(NEWLINE
, pc
);
518 gf_puts("No certificate info found", pc
);
519 gf_puts(NEWLINE
, pc
);
523 e
= X509_NAME_get_entry(X509_get_issuer_name(x
),
524 X509_NAME_entry_count(X509_get_issuer_name(x
))-1);
526 X509_NAME_get_text_by_OBJ(X509_get_issuer_name(x
), X509_NAME_ENTRY_get_object(e
), buf
, sizeof(buf
));
527 space
[offset
+ i
+ 0] = ' ';
528 space
[offset
+ i
+ 1] = '\\';
529 space
[offset
+ i
+ 2] = '-';
530 space
[offset
+ i
+ 3] = ' ';
531 space
[offset
+ i
+ 4] = '\0';
533 gf_puts_uline("Signed by: ", pc
);
535 gf_puts(NEWLINE
, pc
);
537 sk_X509_pop_free(chain
, X509_free
);
539 gf_puts(NEWLINE
, pc
);
547 output_X509_NAME(X509_NAME
*name
, gf_o_t pc
)
552 c
= X509_NAME_entry_count(name
);
554 for(i
=c
-1; i
>=0; i
--){
557 e
= X509_NAME_get_entry(name
,i
);
561 X509_NAME_get_text_by_OBJ(name
, X509_NAME_ENTRY_get_object(e
), buf
, sizeof(buf
));
564 gf_puts(NEWLINE
, pc
);
570 * Output the contents of the given stores (left and right)
571 * to the given gf_io_t.
572 * The width of the terminal is inspected and two columns
573 * are created to fit the stores into. They are then wrapped
577 side_by_side(STORE_S
*left
, STORE_S
*right
, gf_o_t pc
)
579 STORE_S
*left_wrapped
;
580 STORE_S
*right_wrapped
;
586 int w
= ps_global
->ttyo
->screen_cols
/2 - 1;
589 so_seek(right
, 0, 0);
591 left_wrapped
= wrap_store(left
, w
);
592 right_wrapped
= wrap_store(right
, w
);
594 so_seek(left_wrapped
, 0, 0);
595 so_seek(right_wrapped
, 0, 0);
599 l
= so_fgets(left_wrapped
, buf_l
, sizeof(buf_l
));
600 r
= so_fgets(right_wrapped
, buf_r
, sizeof(buf_r
));
601 if(l
== NULL
&& r
== NULL
)
604 for(i
=0, b
=buf_l
; i
<w
&& *b
&& *b
!='\r' && *b
!='\n'; i
++,b
++){
606 /* reduce accumulated width if an embed tag is discovered */
618 for(i
=0, b
=buf_r
; i
<w
&& *b
&& *b
!='\r' && *b
!='\n'; i
++,b
++)
622 gf_puts(NEWLINE
, pc
);
625 so_give(&left_wrapped
);
626 so_give(&right_wrapped
);
630 * Wrap the text in the given store to the given width.
631 * A new store is created for the result.
634 wrap_store(STORE_S
*in
, int width
)
644 result
= so_get(CharStar
, NULL
, EDIT_ACCESS
);
645 ws
= gf_wrap_filter_opt(width
, width
, NULL
, 0, 0);
648 gf_link_filter(gf_wrap
, ws
);
650 gf_set_so_writec(&opc
, result
);
651 gf_set_so_readc(&ipc
, in
);
655 gf_clear_so_readc(in
);
656 gf_clear_so_writec(result
);
663 smime_config_screen(struct pine
*ps
, int edit_exceptions
)
665 CONF_S
*ctmp
= NULL
, *first_line
= NULL
;
666 SAVED_CONFIG_S
*vsave
;
668 int ew
, readonly_warning
= 0;
670 dprint((9, "smime_config_screen()"));
671 ps
->next_screen
= SCREEN_FUN_NULL
;
674 * this is necessary because we need to know the correct paths
675 * to configure certificates and keys, and we could get here
676 * without having done that before we reach this place.
680 if(ps
->fix_fixed_warning
)
681 offer_to_fix_pinerc(ps
);
683 ew
= edit_exceptions
? ps_global
->ew_for_except_vars
: Main
;
686 readonly_warning
= 1;
688 PINERC_S
*prc
= NULL
;
701 readonly_warning
= prc
? prc
->readonly
: 1;
702 if(prc
&& prc
->quit_to_edit
){
703 quit_to_edit_msg(prc
);
708 smime_config_init_display(ps
, &ctmp
, &first_line
);
710 vsave
= save_smime_config_vars(ps
);
712 memset(&screen
, 0, sizeof(screen
));
713 screen
.deferred_ro_warning
= readonly_warning
;
714 switch(conf_scroll_screen(ps
, &screen
, first_line
,
715 edit_exceptions
? _("SETUP S/MIME EXCEPTIONS")
717 /* TRANSLATORS: Print something1 using something2.
718 configuration is something1 */
719 _("configuration"), 0, NULL
)){
724 write_pinerc(ps
, ew
, WRP_NONE
);
728 revert_to_saved_smime_config(ps
, vsave
);
732 q_status_message(SM_ORDER
, 7, 10,
733 _("conf_scroll_screen bad ret in smime_config"));
737 free_saved_smime_config(ps
, &vsave
);
743 smime_related_var(struct pine
*ps
, struct variable
*var
)
745 return(var
== &ps
->vars
[V_PUBLICCERT_DIR
] ||
746 var
== &ps
->vars
[V_PUBLICCERT_CONTAINER
] ||
747 var
== &ps
->vars
[V_PRIVATEKEY_DIR
] ||
748 var
== &ps
->vars
[V_PRIVATEKEY_CONTAINER
] ||
749 var
== &ps
->vars
[V_CACERT_DIR
] ||
750 var
== &ps
->vars
[V_CACERT_CONTAINER
]);
754 smime_config_init_display(struct pine
*ps
, CONF_S
**ctmp
, CONF_S
**first_line
)
758 struct variable
*vtmp
;
762 /* find longest variable name */
763 for(vtmp
= ps
->vars
; vtmp
->name
; vtmp
++){
764 if(!(smime_related_var(ps
, vtmp
)))
767 if((i
= utf8_width(pretty_var_name(vtmp
->name
))) > ln
)
771 for(vtmp
= ps
->vars
; vtmp
->name
; vtmp
++){
772 if(!(smime_related_var(ps
, vtmp
)))
775 new_confline(ctmp
)->var
= vtmp
;
776 if(first_line
&& !*first_line
)
779 (*ctmp
)->valoffset
= ln
+3;
780 (*ctmp
)->keymenu
= &config_text_keymenu
;
781 (*ctmp
)->help
= config_help(vtmp
- ps
->vars
, 0);
782 (*ctmp
)->tool
= text_tool
;
784 utf8_snprintf(tmp
, sizeof(tmp
), "%-*.100w =", ln
, pretty_var_name(vtmp
->name
));
785 tmp
[sizeof(tmp
)-1] = '\0';
787 (*ctmp
)->varname
= cpystr(tmp
);
788 (*ctmp
)->varnamep
= (*ctmp
);
789 (*ctmp
)->flags
= CF_STARTITEM
;
790 (*ctmp
)->value
= pretty_value(ps
, *ctmp
);
794 vtmp
= &ps
->vars
[V_FEATURE_LIST
];
798 (*ctmp
)->flags
|= CF_NOSELECT
| CF_STARTITEM
;
799 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
800 (*ctmp
)->tool
= NULL
;
802 /* put a nice delimiter before list */
803 new_confline(ctmp
)->var
= NULL
;
804 (*ctmp
)->varnamep
= ctmpb
;
805 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
806 (*ctmp
)->help
= NO_HELP
;
807 (*ctmp
)->tool
= checkbox_tool
;
808 (*ctmp
)->valoffset
= feature_indent();
809 (*ctmp
)->flags
|= CF_NOSELECT
;
810 (*ctmp
)->value
= cpystr("Set Feature Name");
812 new_confline(ctmp
)->var
= NULL
;
813 (*ctmp
)->varnamep
= ctmpb
;
814 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
815 (*ctmp
)->help
= NO_HELP
;
816 (*ctmp
)->tool
= checkbox_tool
;
817 (*ctmp
)->valoffset
= feature_indent();
818 (*ctmp
)->flags
|= CF_NOSELECT
;
819 (*ctmp
)->value
= cpystr("--- ----------------------");
821 ind
= feature_list_index(F_DONT_DO_SMIME
);
822 feature
= feature_list(ind
);
823 new_confline(ctmp
)->var
= vtmp
;
824 (*ctmp
)->varnamep
= ctmpb
;
825 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
826 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
827 (*ctmp
)->tool
= checkbox_tool
;
828 (*ctmp
)->valoffset
= feature_indent();
829 (*ctmp
)->varmem
= ind
;
830 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
832 ind
= feature_list_index(F_ENCRYPT_DEFAULT_ON
);
833 feature
= feature_list(ind
);
834 new_confline(ctmp
)->var
= vtmp
;
835 (*ctmp
)->varnamep
= ctmpb
;
836 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
837 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
838 (*ctmp
)->tool
= checkbox_tool
;
839 (*ctmp
)->valoffset
= feature_indent();
840 (*ctmp
)->varmem
= ind
;
841 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
843 ind
= feature_list_index(F_REMEMBER_SMIME_PASSPHRASE
);
844 feature
= feature_list(ind
);
845 new_confline(ctmp
)->var
= vtmp
;
846 (*ctmp
)->varnamep
= ctmpb
;
847 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
848 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
849 (*ctmp
)->tool
= checkbox_tool
;
850 (*ctmp
)->valoffset
= feature_indent();
851 (*ctmp
)->varmem
= ind
;
852 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
854 ind
= feature_list_index(F_SIGN_DEFAULT_ON
);
855 feature
= feature_list(ind
);
856 new_confline(ctmp
)->var
= vtmp
;
857 (*ctmp
)->varnamep
= ctmpb
;
858 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
859 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
860 (*ctmp
)->tool
= checkbox_tool
;
861 (*ctmp
)->valoffset
= feature_indent();
862 (*ctmp
)->varmem
= ind
;
863 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
865 ind
= feature_list_index(F_USE_CERT_STORE_ONLY
);
866 feature
= feature_list(ind
);
867 new_confline(ctmp
)->var
= vtmp
;
868 (*ctmp
)->varnamep
= ctmpb
;
869 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
870 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
871 (*ctmp
)->tool
= checkbox_tool
;
872 (*ctmp
)->valoffset
= feature_indent();
873 (*ctmp
)->varmem
= ind
;
874 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
878 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
881 (*ctmp
)->flags
|= CF_NOSELECT
;
882 (*ctmp
)->value
= cpystr(_("Mac OS X specific features"));
884 ind
= feature_list_index(F_PUBLICCERTS_IN_KEYCHAIN
);
885 feature
= feature_list(ind
);
886 new_confline(ctmp
)->var
= vtmp
;
887 (*ctmp
)->varnamep
= ctmpb
;
888 (*ctmp
)->keymenu
= &config_checkbox_keymenu
;
889 (*ctmp
)->help
= config_help(vtmp
-ps
->vars
, feature
->id
);
890 (*ctmp
)->tool
= checkbox_tool
;
891 (*ctmp
)->valoffset
= feature_indent();
892 (*ctmp
)->varmem
= ind
;
893 (*ctmp
)->value
= pretty_value(ps
, (*ctmp
));
894 #endif /* APPLEKEYCHAIN */
897 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
899 for(i
= 0; i
< sizeof(tmp
) && i
< (ps
->ttyo
? ps
->ttyo
->screen_cols
: sizeof(tmp
)); i
++)
903 (*ctmp
)->flags
|= CF_NOSELECT
;
904 (*ctmp
)->value
= cpystr(tmp
);
907 (*ctmp
)->flags
|= CF_NOSELECT
;
908 (*ctmp
)->value
= cpystr(_("Be careful with the following commands, they REPLACE contents in the target"));
911 (*ctmp
)->flags
|= CF_NOSELECT
;
912 (*ctmp
)->value
= cpystr(tmp
);
915 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
917 /* copy public directory to container */
919 (*ctmp
)->tool
= smime_helper_tool
;
920 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
921 (*ctmp
)->help
= h_config_smime_transfer_pub_to_con
;
922 (*ctmp
)->value
= cpystr(_("Transfer public certs FROM directory TO container"));
925 /* copy private directory to container */
927 (*ctmp
)->tool
= smime_helper_tool
;
928 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
929 (*ctmp
)->help
= h_config_smime_transfer_priv_to_con
;
930 (*ctmp
)->value
= cpystr(_("Transfer private keys FROM directory TO container"));
933 /* copy cacert directory to container */
935 (*ctmp
)->tool
= smime_helper_tool
;
936 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
937 (*ctmp
)->help
= h_config_smime_transfer_cacert_to_con
;
938 (*ctmp
)->value
= cpystr(_("Transfer CA certs FROM directory TO container"));
941 new_confline(ctmp
)->var
= vtmp
;
942 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
944 /* copy public container to directory */
946 (*ctmp
)->tool
= smime_helper_tool
;
947 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
948 (*ctmp
)->help
= h_config_smime_transfer_pub_to_dir
;
949 (*ctmp
)->value
= cpystr(_("Transfer public certs FROM container TO directory"));
952 /* copy private container to directory */
954 (*ctmp
)->tool
= smime_helper_tool
;
955 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
956 (*ctmp
)->help
= h_config_smime_transfer_priv_to_dir
;
957 (*ctmp
)->value
= cpystr(_("Transfer private keys FROM container TO directory"));
960 /* copy cacert container to directory */
962 (*ctmp
)->tool
= smime_helper_tool
;
963 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
964 (*ctmp
)->help
= h_config_smime_transfer_cacert_to_dir
;
965 (*ctmp
)->value
= cpystr(_("Transfer CA certs FROM container TO directory"));
970 new_confline(ctmp
)->var
= vtmp
;
971 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
973 /* copy public container to keychain */
975 (*ctmp
)->tool
= smime_helper_tool
;
976 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
977 (*ctmp
)->help
= h_config_smime_transfer_pubcon_to_key
;
978 (*ctmp
)->value
= cpystr(_("Transfer public certs FROM container TO keychain"));
981 /* copy public keychain to container */
983 (*ctmp
)->tool
= smime_helper_tool
;
984 (*ctmp
)->keymenu
= &config_smime_helper_keymenu
;
985 (*ctmp
)->help
= h_config_smime_transfer_pubkey_to_con
;
986 (*ctmp
)->value
= cpystr(_("Transfer public certs FROM keychain TO container"));
989 #endif /* APPLEKEYCHAIN */
992 && SMHOLDERTYPE(Private
) == Keychain
993 && SMHOLDERTYPE(Public
) == Keychain
994 && SMHOLDERTYPE(CACert
) == Keychain
)
997 new_confline(ctmp
)->var
= vtmp
;
998 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1001 (*ctmp
)->flags
|= CF_NOSELECT
;
1002 (*ctmp
)->value
= cpystr(tmp
);
1005 (*ctmp
)->flags
|= CF_NOSELECT
;
1006 (*ctmp
)->value
= cpystr(_("Manage your own certificates"));
1009 (*ctmp
)->flags
|= CF_NOSELECT
;
1010 (*ctmp
)->value
= cpystr(tmp
);
1012 new_confline(ctmp
)->var
= vtmp
;
1013 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1015 /* manage public certificates */
1017 (*ctmp
)->tool
= smime_helper_tool
;
1018 (*ctmp
)->keymenu
= &config_smime_manage_certs_menu_keymenu
;
1019 (*ctmp
)->help
= h_config_smime_public_certificates
;
1020 (*ctmp
)->value
= cpystr(_("Manage Public Certificates"));
1021 (*ctmp
)->varmem
= 9;
1022 (*ctmp
)->d
.s
.ctype
= Public
;
1024 /* manage private keys */
1026 (*ctmp
)->tool
= smime_helper_tool
;
1027 (*ctmp
)->keymenu
= &config_smime_manage_certs_menu_keymenu
;
1028 (*ctmp
)->help
= h_config_smime_private_keys
;
1029 (*ctmp
)->value
= cpystr(_("Manage Private Keys"));
1030 (*ctmp
)->varmem
= 10;
1031 (*ctmp
)->d
.s
.ctype
= Private
;
1033 /* manage Certificate Authorities */
1035 (*ctmp
)->tool
= smime_helper_tool
;
1036 (*ctmp
)->keymenu
= &config_smime_manage_certs_menu_keymenu
;
1037 (*ctmp
)->help
= h_config_smime_certificate_authorities
;
1038 (*ctmp
)->value
= cpystr(_("Manage Certificate Authorities"));
1039 (*ctmp
)->varmem
= 11;
1040 (*ctmp
)->d
.s
.ctype
= CACert
;
1043 new_confline(ctmp
)->var
= vtmp
;
1044 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1047 (*ctmp
)->flags
|= CF_NOSELECT
;
1048 (*ctmp
)->value
= cpystr(tmp
);
1051 (*ctmp
)->flags
|= CF_NOSELECT
;
1052 (*ctmp
)->value
= cpystr(_("Manage Key and Certificate for Password File"));
1055 (*ctmp
)->flags
|= CF_NOSELECT
;
1056 (*ctmp
)->value
= cpystr(tmp
);
1058 new_confline(ctmp
)->var
= vtmp
;
1059 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1061 /* manage password file certificates */
1063 (*ctmp
)->tool
= smime_helper_tool
;
1064 (*ctmp
)->keymenu
= &config_smime_manage_password_file_menu_keymenu
;
1065 (*ctmp
)->help
= h_config_smime_password_file_certificates
;
1066 (*ctmp
)->value
= cpystr(_("Manage Password File Key and Certificate"));
1067 (*ctmp
)->varmem
= 12;
1068 (*ctmp
)->d
.s
.ctype
= Password
;
1069 #endif /* PASSFILE */
1071 (*ctmp
)->next
= NULL
;
1075 display_certificate_information(struct pine
*ps
, X509
*cert
, char *email
, WhichCerts ctype
, int num
)
1078 SCROLL_S scrollargs
;
1080 int pub_cert
, priv_cert
, new_store
;
1084 cmd
= offset
= pub_cert
= priv_cert
= 0;
1086 ps
->next_screen
= SCREEN_FUN_NULL
;
1088 /* MC_PRIVATE and MC_PUBLIC cancel each other,
1089 * they can not be active at the same time
1094 priv_cert
= 1 - priv_cert
;
1095 smime_certificate_info_keymenu
.keys
[PUBLIC_KEY
].label
= N_("Public Key");
1096 smime_certificate_info_keymenu
.keys
[PRIVATE_KEY
].label
= priv_cert
? N_("No Priv Key") : N_("Pivate Key");
1101 pub_cert
= 1 - pub_cert
;
1102 smime_certificate_info_keymenu
.keys
[PRIVATE_KEY
].label
= priv_cert
? N_("No Priv Key") : N_("Pivate Key");
1103 smime_certificate_info_keymenu
.keys
[PUBLIC_KEY
].label
= N_("Public Key");
1107 if(SMHOLDERTYPE(CACert
) == Directory
)
1108 save_cert_for(email
, cert
, CACert
);
1109 else{ /* if(SMHOLDERTYPE(CACert) == Container) */
1111 char *upath
= PATHCERTDIR(ctype
);
1112 char *tempfile
= tempfile_in_same_dir(path
, "az", NULL
);
1115 if(IS_REMOTE(upath
))
1116 strncpy(path
, temp_nam(NULL
, "a6"), sizeof(path
)-1);
1118 strncpy(path
, upath
, sizeof(path
)-1);
1119 path
[sizeof(path
)-1] = '\0';
1121 add_to_end_of_certlist(&ps_global
->smime
->cacertlist
, email
, X509_dup(cert
));
1122 for(clist
=ps_global
->smime
->cacertlist
; clist
&& clist
->next
; clist
= clist
->next
);
1123 certlist_to_file(tempfile
, clist
);
1124 add_file_to_container(CACert
, tempfile
, email
);
1132 if (get_cert_deleted(ctype
, num
) != 0)
1133 q_status_message(SM_ORDER
, 1, 3, _("Certificate already deleted"));
1135 mark_cert_deleted(ctype
, num
, 1);
1136 q_status_message(SM_ORDER
, 1, 3, _("Certificate marked deleted"));
1141 if (get_cert_deleted(ctype
, num
) != 0){
1142 mark_cert_deleted(ctype
, num
, 0);
1143 q_status_message(SM_ORDER
, 1, 3, _("Certificate marked UNdeleted"));
1146 q_status_message(SM_ORDER
, 1, 3, _("Certificate not marked deleted"));
1152 if((pub_cert
|| priv_cert
)
1153 && (out
= print_private_key_information(email
, priv_cert
)) == NULL
)
1154 q_status_message(SM_ORDER
, 1, 3, _("Problem Reading Private Certificate Information"));
1157 store
= so_get(CharStar
, NULL
, EDIT_ACCESS
);
1158 view_writec_init(store
, NULL
, HEADER_ROWS(ps
),
1159 HEADER_ROWS(ps
) + ps
->ttyo
->screen_rows
- (HEADER_ROWS(ps
)+ FOOTER_ROWS(ps
)));
1161 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
,"%s", _("Certificate Information"));
1162 gf_puts_uline(tmp_20k_buf
, view_writec
);
1163 gf_puts(NEWLINE
, view_writec
);
1164 print_separator_line(100, '-', view_writec
);
1166 output_cert_info(cert
, view_writec
);
1167 gf_puts(NEWLINE
, view_writec
);
1169 if(smime_validate_cert(cert
, &error
) < 0){
1170 const char *errorp
= X509_verify_cert_error_string(error
);
1171 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
,_("Error validating certificate: %s"), errorp
);
1173 snprintf(tmp_20k_buf
, SIZEOF_20KBUF
, "%s", _("Certificate validated without errors"));
1175 gf_puts_uline(tmp_20k_buf
, view_writec
);
1176 gf_puts(NEWLINE
, view_writec
);
1178 if(out
!= NULL
){ /* print private key information */
1179 unsigned char ch
[2];
1181 gf_puts(NEWLINE
, view_writec
);
1183 while(BIO_read(out
, ch
, 1) >= 1)
1184 gf_puts((char *)ch
, view_writec
);
1185 gf_puts(NEWLINE
, view_writec
);
1186 q_status_message1(SM_ORDER
, 1, 3, _("%s information shown at bottom of certificate information"), pub_cert
? _("Public") : _("Private"));
1190 view_writec_destroy();
1194 memset(&scrollargs
, 0, sizeof(SCROLL_S
));
1196 scrollargs
.text
.text
= so_text(store
);
1197 scrollargs
.text
.src
= CharStar
;
1198 scrollargs
.text
.desc
= "certificate information";
1199 scrollargs
.body_valid
= 1;
1201 if(offset
){ /* resize? preserve paging! */
1202 scrollargs
.start
.on
= Offset
;
1203 scrollargs
.start
.loc
.offset
= offset
;
1204 scrollargs
.body_valid
= 0;
1208 scrollargs
.use_indexline_color
= 1;
1210 scrollargs
.bar
.title
= _("CERTIFICATE INFORMATION");
1211 scrollargs
.proc
.tool
= manage_certificate_info_tool
;
1212 scrollargs
.resize_exit
= 1;
1213 scrollargs
.help
.text
= h_certificate_information
;
1214 scrollargs
.help
.title
= _("HELP FOR MESSAGE TEXT VIEW");
1215 scrollargs
.keys
.what
= FirstMenu
;
1216 scrollargs
.keys
.menu
= &smime_certificate_info_keymenu
;
1217 setbitmap(scrollargs
.keys
.bitmap
);
1218 if(ctype
!= Public
|| error
!= X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT
)
1219 /*error != X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY)*/
1220 clrbitn(TRUST_KEY
, scrollargs
.keys
.bitmap
);
1221 if(ctype
!= Private
){
1222 clrbitn(PUBLIC_KEY
, scrollargs
.keys
.bitmap
);
1223 clrbitn(PRIVATE_KEY
, scrollargs
.keys
.bitmap
);
1225 if(ctype
== Password
){
1226 clrbitn(DELETE_CERT_KEY
, scrollargs
.keys
.bitmap
);
1227 clrbitn(UNDELETE_CERT_KEY
, scrollargs
.keys
.bitmap
);
1230 cmd
= scrolltool(&scrollargs
);
1235 case MC_PUBLIC
: if(scrollargs
.start
.on
== Offset
)
1236 offset
= scrollargs
.start
.loc
.offset
;
1242 } while (cmd
!= MC_EXIT
);
1243 ps
->mangled_screen
= 1;
1247 * This is silly, we just need this function so that we can tell scrolltool
1248 * that some commands are recognized. We use scrolltool because we do not
1249 * want to rewrite output_cert_info.
1252 manage_certificate_info_tool(int cmd
, MSGNO_S
*msgmap
, SCROLL_S
*sparms
)
1260 case MC_TRUST
: rv
= 1; break;
1261 default: rv
= 0; break;
1268 manage_certs_tool(struct pine
*ps
, int cmd
, CONF_S
**cl
, unsigned flags
)
1272 WhichCerts ctype
= (*cl
)->d
.s
.ctype
;
1275 case MC_ADD
: /* create a self signed certificate and import it */
1276 if(ctype
== Password
){
1278 char pathdir
[MAXPATH
+1], filename
[MAXPATH
+1];
1281 smime_path(DF_SMIMETMPDIR
, pathdir
, sizeof(pathdir
));
1282 if(((st
= our_stat(pathdir
, &sbuf
)) == 0
1283 && (sbuf
.st_mode
& S_IFMT
) == S_IFDIR
)
1285 && can_access(pathdir
, ACCESS_EXISTS
) != 0
1286 && our_mkpath(pathdir
, 0700) == 0)){
1287 pc
= ALPINE_self_signed_certificate(NULL
, 0, pathdir
, MASTERNAME
);
1288 if(strlen(pathdir
) + strlen(MASTERNAME
) + 5 + 1 > sizeof(filename
)){
1289 q_status_message(SM_ORDER
, 0, 2,
1290 _("pathdir for key too long"));
1293 snprintf(filename
, sizeof(filename
), "%.*s/%.*s.key",
1294 (int) strlen(pathdir
), pathdir
,
1295 (int) (sizeof(filename
) - strlen(MASTERNAME
) - 5 - 1), MASTERNAME
);
1296 filename
[sizeof(filename
)-1] = '\0';
1297 rv
= import_certificate(ctype
, pc
, filename
);
1299 ps
->keyemptypwd
= 0;
1300 if(our_stat(pathdir
, &sbuf
) == 0){
1301 if(unlink(filename
) < 0)
1302 q_status_message1(SM_ORDER
, 0, 2,
1303 _("Could not remove private key %s.key"), MASTERNAME
);
1304 filename
[strlen(filename
)-4] = '\0';
1305 strcat(filename
, ".crt");
1306 if(unlink(filename
) < 0)
1307 q_status_message1(SM_ORDER
, 0, 2,
1308 _("Could not remove public certificate %s.crt"), MASTERNAME
);
1309 if(rmdir(pathdir
) < 0)
1310 q_status_message1(SM_ORDER
, 0, 2,
1311 _("Could not remove temporary directory %s"), pathdir
);
1316 rv
= 10; /* forces redraw */
1321 if(PATHCERTDIR(ctype
) == NULL
)
1324 if((cert
= get_cert_for((*cl
)->d
.s
.address
, ctype
, 0)) == NULL
){
1325 q_status_message(SM_ORDER
, 1, 3, _("Problem Reading Certificate"));
1329 display_certificate_information(ps
, cert
, (*cl
)->d
.s
.address
, ctype
, (*cl
)->varmem
);
1330 rv
= 10 + (*cl
)->varmem
;
1335 if(ctype
== Password
){
1336 EVP_PKEY
*key
= NULL
;
1337 PERSONAL_CERT
*pc
= (PERSONAL_CERT
*) ps
->pwdcert
;
1339 const EVP_CIPHER
*enc
= NULL
;
1342 char filename
[MAXPATH
+1];
1343 char passwd
[MAILTMPLEN
];
1344 char prompt
[MAILTMPLEN
];
1346 if (pc
!= NULL
&& pc
->key
!= NULL
){
1347 strncpy(prompt
, _("Enter password to unlock key: "), sizeof(prompt
));
1348 prompt
[sizeof(prompt
)-1] = '\0';
1351 rv
= alpine_get_password(prompt
, passwd
, sizeof(passwd
));
1354 q_status_message(SM_ORDER
, 1, 3, _("Password deletion cancelled"));
1356 snprintf(filename
, sizeof(filename
), "%s/%s.key", ps
->pwdcertdir
, pc
->name
);
1357 filename
[sizeof(filename
)-1] = '\0';
1358 if((in
= BIO_new_file(filename
, "r")) != NULL
){
1359 key
= PEM_read_bio_PrivateKey(in
, NULL
, NULL
, passwd
);
1361 if((rsa
= EVP_PKEY_get1_RSA(key
)) != NULL
1362 && (out
= BIO_new(BIO_s_file())) != NULL
1363 && BIO_write_filename(out
, filename
) > 0
1364 && PEM_write_bio_RSAPrivateKey(out
, rsa
, enc
, NULL
, 0, NULL
, passwd
) > 0){
1365 q_status_message(SM_ORDER
, 1, 3, _("Password Removed from private key"));
1366 ps
->keyemptypwd
= 1;
1373 q_status_message(SM_ORDER
, 1, 3, _("Failed to unlock private key"));
1381 q_status_message(SM_ORDER
, 1, 3, _("Failed to remove password from private key"));
1382 rv
+= 10; /* forces redraw */
1392 if ((*cl
)->d
.s
.deleted
!= 0)
1393 q_status_message(SM_ORDER
, 1, 3, _("Certificate already deleted"));
1395 (*cl
)->d
.s
.deleted
= 1;
1396 rv
= 10 + (*cl
)->varmem
; /* forces redraw */
1397 mark_cert_deleted(ctype
, (*cl
)->varmem
, 1);
1398 q_status_message(SM_ORDER
, 1, 3, _("Certificate marked deleted"));
1404 if ((*cl
)->d
.s
.deleted
== 0)
1405 q_status_message(SM_ORDER
, 1, 3, _("Certificate not marked deleted"));
1407 (*cl
)->d
.s
.deleted
= 0;
1408 mark_cert_deleted(ctype
, (*cl
)->varmem
, 0);
1409 rv
= 10 + (*cl
)->varmem
; /* forces redraw */
1410 q_status_message(SM_ORDER
, 1, 3, _("Certificate marked UNdeleted"));
1417 for(cl
= DATACERT(ctype
); cl
!= NULL
&& DELETEDCERT(cl
) == 0; cl
= cl
->next
);
1418 if(cl
!= NULL
&& DELETEDCERT(cl
) != 0){
1419 smime_expunge_cert(ctype
);
1420 rv
= 10; /* forces redraw */
1423 q_status_message(SM_ORDER
, 3, 3, _("No certificates marked deleted"));
1429 rv
= import_certificate(ctype
, NULL
, NULL
);
1434 cmd_cancelled("Import certificate");
1438 q_status_message1(SM_ORDER
, 0, 2, _("Can't import certificate outside of %s"),
1439 ps_global
->VAR_OPER_DIR
);
1443 rv
= 10; /* forces redraw */
1447 rv
= config_exit_cmd(flags
);
1460 smime_setup_size(char **s
, size_t buflen
, size_t n
)
1466 snprintf(t
, buflen
-3, "%zu.%zu", n
, n
);
1475 manage_password_file_certificates(struct pine
*ps
)
1477 OPT_SCREEN_S screen
;
1478 int readonly_warning
= 0, rv
= 10, fline
, state
= 0;
1480 dprint((9, "manage_password_file_certificates"));
1481 ps
->next_screen
= SCREEN_FUN_NULL
;
1482 ps
->keyemptypwd
= 0; /* just in case */
1485 CONF_S
*ctmp
= NULL
, *first_line
= NULL
;
1487 fline
= rv
>= 10 ? rv
- 10 : 0;
1489 smime_manage_password_file_certs_init(ps
, &ctmp
, &first_line
, fline
, &state
);
1492 ps
->mangled_screen
= 1;
1493 q_status_message(SM_ORDER
, 1, 3, _("Failed to initialize password management screen (no key)"));
1497 memset(&screen
, 0, sizeof(screen
));
1498 screen
.deferred_ro_warning
= readonly_warning
;
1500 rv
= conf_scroll_screen(ps
, &screen
, first_line
,
1501 _("MANAGE PASSWORD FILE CERTS"),
1502 /* TRANSLATORS: Print something1 using something2.
1503 configuration is something1 */
1504 _("configuration"), 0, NULL
);
1507 ps
->mangled_screen
= 1;
1508 ps
->keyemptypwd
= 0; /* reset this so it will not confuse other routines */
1512 /* state: 0 = first time,
1513 * 1 = second or another time
1516 smime_manage_password_file_certs_init(struct pine
*ps
, CONF_S
**ctmp
, CONF_S
**first_line
, int fline
, int *state
)
1521 void *pwdcert
= NULL
; /* this is our current password file */
1522 char filename
[MAXPATH
+1];
1524 EVP_PKEY
*key
= NULL
;
1527 if(*state
== 0){ /* first time around? */
1528 setup_pwdcert(&pwdcert
);
1529 if(pwdcert
== NULL
) return;
1530 if(ps
->pwdcert
== NULL
)
1531 ps
->pwdcert
= pwdcert
;
1533 free_personal_certs((PERSONAL_CERT
**) &pwdcert
);
1537 pc
= (PERSONAL_CERT
*) ps_global
->pwdcert
;
1538 snprintf(filename
, sizeof(filename
), "%s/%s.key", ps
->pwdcertdir
, pc
->name
);
1539 filename
[sizeof(filename
)-1] = '\0';
1540 if((in
= BIO_new_file(filename
, "r")) != NULL
1541 && (key
= PEM_read_bio_PrivateKey(in
, NULL
, NULL
, "")) != NULL
)
1542 ps
->keyemptypwd
= 1;
1548 ps
->pwdcertlist
= cl
= smime_X509_to_cert_info(X509_dup(pc
->cert
), pc
->name
);
1550 for(i
= 0; i
< sizeof(tmp
) && i
< (ps
->ttyo
? ps
->ttyo
->screen_cols
: sizeof(tmp
)); i
++)
1555 (*ctmp
)->flags
|= CF_NOSELECT
;
1556 (*ctmp
)->value
= cpystr(tmp
);
1559 (*ctmp
)->flags
|= CF_NOSELECT
;
1560 (*ctmp
)->value
= cpystr(_("Manage Certificates and Keys Used to Encrypt your Password File"));
1563 (*ctmp
)->flags
|= CF_NOSELECT
;
1564 (*ctmp
)->value
= cpystr(tmp
);
1567 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1570 int s
, e
, df
, dt
, md5
; /* sizes of certain fields */
1571 int nf
; /* number of fields */
1572 char u
[MAILTMPLEN
], *t
;
1574 e
= MIN(strlen(cl
->name
), ps
->ttyo
->screen_cols
/3); /* do not use too much screen */
1575 nf
= 5; /* there are 5 fields */
1576 s
= 3; /* status has fixed size */
1577 df
= dt
= 10; /* date from and date to have fixed size */
1578 md5
= ps
->ttyo
->screen_cols
- s
- df
- dt
- e
- (nf
- 1);
1581 smime_setup_size(&t
, sizeof(u
), s
);
1582 smime_setup_size(&t
, sizeof(u
) - strlen(t
), e
);
1583 smime_setup_size(&t
, sizeof(u
) - strlen(t
), df
);
1584 *t
++ = ' '; /* leave an extra space between dates */
1585 *t
= '\0'; /* make valgrind happy */
1586 smime_setup_size(&t
, sizeof(u
) - strlen(t
), dt
);
1587 *t
++ = ' '; /* and another space between date and md5 sum */
1588 *t
= '\0'; /* make valgrind happy again */
1589 smime_setup_size(&t
, sizeof(u
) - strlen(t
), md5
);
1590 *t
= '\0'; /* tie off */
1593 (*ctmp
)->flags
|= CF_NOSELECT
;
1594 (*ctmp
)->value
= cpystr(_("New Public Certificate and Key:"));
1597 (*ctmp
)->d
.s
.ctype
= Password
;
1598 (*ctmp
)->help
= h_config_smime_password_file_certificates
;
1599 (*ctmp
)->tool
= manage_certs_tool
;
1600 (*ctmp
)->keymenu
= &config_smime_add_new_key_keymenu
;
1602 for(i
= 0; i
< s
; i
++) tmp
[i
] = ' ';
1604 strncpy(tmp
+s
, _("Press \"RETURN\" to add new personal key"), sizeof(tmp
)-s
-1);
1605 for(i
= strlen(tmp
); i
< (ps
->ttyo
? ps
->ttyo
->screen_cols
: sizeof(tmp
) - 1); i
++)
1608 (*ctmp
)->value
= cpystr(tmp
);
1609 *first_line
= *ctmp
;
1612 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1615 (*ctmp
)->flags
|= CF_NOSELECT
;
1616 (*ctmp
)->value
= cpystr(_("Current Public Certificate and Key:"));
1619 (*ctmp
)->d
.s
.ctype
= Password
;
1620 (*ctmp
)->d
.s
.deleted
= 0;
1621 (*ctmp
)->help
= h_config_smime_password_file_certificates
;
1622 (*ctmp
)->tool
= manage_certs_tool
;
1623 (*ctmp
)->keymenu
= ps
->keyemptypwd
== 0
1624 ? &config_smime_manage_view_cert_keymenu
1625 : &config_smime_manage_view_cert_keymenu_no_delete
;
1626 (*ctmp
)->varmem
= 0;
1627 strncpy((*ctmp
)->d
.s
.address
, cl
->name
, sizeof((*ctmp
)->d
.s
.address
));
1628 (*ctmp
)->d
.s
.address
[sizeof((*ctmp
)->d
.s
.address
) - 1] = '\0';
1629 snprintf(tmp
, sizeof(tmp
), u
,
1630 (*ctmp
)->d
.s
.deleted
? "D" : " ",
1632 DATEFROMCERT(cl
), DATETOCERT(cl
), MD5CERT(cl
));
1633 (*ctmp
)->value
= cpystr(tmp
);
1636 #endif /* PASSFILE */
1640 smime_manage_certs_init(struct pine
*ps
, CONF_S
**ctmp
, CONF_S
**first_line
, WhichCerts ctype
, int fline
)
1648 data
= DATACERT(ctype
);
1649 // ext = EXTCERT(ctype);
1651 if(data
== NULL
|| RENEWCERT(data
))
1652 renew_cert_data(&data
, ctype
);
1654 for(i
= 0; i
< sizeof(tmp
) && i
< (ps
->ttyo
? ps
->ttyo
->screen_cols
: sizeof(tmp
)); i
++)
1659 (*ctmp
)->flags
|= CF_NOSELECT
;
1660 (*ctmp
)->value
= cpystr(tmp
);
1662 (*ctmp
)->keymenu
= &config_text_keymenu
;
1665 (*ctmp
)->flags
|= CF_NOSELECT
;
1666 sprintf(tmp
, _("List of %s certificates"), ctype
== Public
? _("public")
1667 : (ctype
== Private
? _("private")
1668 : (ctype
== CACert
? _("certificate authority") : "unknown (?)")));
1669 (*ctmp
)->value
= cpystr(tmp
);
1671 for(i
= 0; i
< sizeof(tmp
) && i
< (ps
->ttyo
? ps
->ttyo
->screen_cols
: sizeof(tmp
)); i
++)
1676 (*ctmp
)->flags
|= CF_NOSELECT
;
1677 (*ctmp
)->value
= cpystr(tmp
);
1680 (*ctmp
)->flags
|= CF_NOSELECT
| CF_B_LINE
;
1683 CertList
*cl
; int i
;
1684 int s
, e
, df
, dt
, md5
; /* sizes of certain fields */
1685 int nf
; /* number of fields */
1686 char u
[MAILTMPLEN
], *t
;
1688 for(cl
= data
, e
= 0; cl
; cl
= cl
->next
)
1689 if(cl
->name
&& strlen(cl
->name
) > e
)
1690 e
= strlen(cl
->name
);
1692 if(ctype
!= Private
&& SMHOLDERTYPE(ctype
) == Directory
)
1693 e
-= 4; /* remove extension length */
1694 e
= MIN(e
, ps
->ttyo
->screen_cols
/3); /* do not use too much screen */
1695 nf
= 5; /* there are 5 fields */
1696 s
= 3; /* status has fixed size */
1697 df
= dt
= 10; /* date from and date to have fixed size */
1698 md5
= ps
->ttyo
->screen_cols
- s
- df
- dt
- e
- (nf
- 1);
1701 smime_setup_size(&t
, sizeof(u
), s
);
1702 smime_setup_size(&t
, sizeof(u
) - strlen(t
), e
);
1703 smime_setup_size(&t
, sizeof(u
) - strlen(t
), df
);
1704 *t
++ = ' '; /* leave an extra space between dates */
1705 *t
= '\0'; /* make valgrind happy */
1706 smime_setup_size(&t
, sizeof(u
) - strlen(t
), dt
);
1707 *t
++ = ' '; /* and another space between date and md5 sum */
1708 *t
= '\0'; /* make valgrind happy again */
1709 smime_setup_size(&t
, sizeof(u
) - strlen(t
), md5
);
1710 *t
= '\0'; /* tie off */
1712 for(cl
= data
, i
= 0; cl
; cl
= cl
->next
)
1715 (*ctmp
)->d
.s
.ctype
= ctype
;
1716 (*ctmp
)->d
.s
.deleted
= get_cert_deleted(ctype
, i
);
1717 (*ctmp
)->tool
= manage_certs_tool
;
1718 (*ctmp
)->keymenu
= &config_smime_manage_certs_work_keymenu
;
1719 (*ctmp
)->varmem
= i
++;
1720 (*ctmp
)->help
= ctype
== Public
? h_config_smime_manage_public_menu
1721 : (ctype
== Private
? h_config_smime_manage_private_menu
1722 : h_config_smime_manage_cacerts_menu
);
1723 if(ctype
!= Private
&& SMHOLDERTYPE(ctype
) == Directory
)
1724 cl
->name
[strlen(cl
->name
) - 4] = '\0'; /* FIX FIX FIX */
1725 strncpy((*ctmp
)->d
.s
.address
, cl
->name
, sizeof((*ctmp
)->d
.s
.address
));
1726 (*ctmp
)->d
.s
.address
[sizeof((*ctmp
)->d
.s
.address
) - 1] = '\0';
1727 snprintf(tmp
, sizeof(tmp
), u
,
1728 (*ctmp
)->d
.s
.deleted
? "D" : " ",
1729 ctype
== CACert
? cl
->cn
: cl
->name
,
1730 DATEFROMCERT(cl
), DATETOCERT(cl
), MD5CERT(cl
));
1731 if(ctype
!= Private
&& SMHOLDERTYPE(ctype
) == Directory
)
1732 cl
->name
[strlen(cl
->name
)] = '.';
1733 (*ctmp
)->value
= cpystr(tmp
);
1734 if(i
== fline
+1 && first_line
&& !*first_line
)
1735 *first_line
= *ctmp
;
1740 (*ctmp
)->d
.s
.ctype
= ctype
;
1741 (*ctmp
)->tool
= manage_certs_tool
;
1742 (*ctmp
)->keymenu
= &config_smime_add_certs_keymenu
;
1743 (*ctmp
)->value
= cpystr(_(" \tNo certificates found, press \"RETURN\" to add one."));
1744 if(first_line
&& !*first_line
)
1745 *first_line
= *ctmp
;
1750 manage_certificates(struct pine
*ps
, WhichCerts ctype
)
1752 OPT_SCREEN_S screen
;
1753 int readonly_warning
= 0, rv
= 10, fline
;
1755 dprint((9, "manage_certificates(ps, %s)", ctype
== Public
? _("Public") : (ctype
== Private
? _("Private") : (ctype
== CACert
? _("certificate authority") : _("unknown")))));
1756 ps
->next_screen
= SCREEN_FUN_NULL
;
1759 CONF_S
*ctmp
= NULL
, *first_line
= NULL
;
1761 fline
= rv
>= 10 ? rv
- 10 : 0;
1765 smime_manage_certs_init(ps
, &ctmp
, &first_line
, ctype
, fline
);
1768 ps
->mangled_screen
= 1;
1773 memset(&screen
, 0, sizeof(screen
));
1774 screen
.deferred_ro_warning
= readonly_warning
;
1775 rv
= conf_scroll_screen(ps
, &screen
, first_line
,
1776 _("MANAGE CERTIFICATES"),
1777 /* TRANSLATORS: Print something1 using something2.
1778 configuration is something1 */
1779 _("configuration"), 0, NULL
);
1782 ps
->mangled_screen
= 1;
1787 smime_helper_tool(struct pine
*ps
, int cmd
, CONF_S
**cl
, unsigned flags
)
1793 switch((*cl
)->varmem
){
1795 rv
= copy_publiccert_dir_to_container();
1797 q_status_message(SM_ORDER
, 1, 3, _("Public certs transferred to container"));
1799 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1806 rv
= copy_publiccert_container_to_dir();
1808 q_status_message(SM_ORDER
, 1, 3, _("Public certs transferred to directory, delete Container config to use"));
1810 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1817 rv
= copy_privatecert_dir_to_container();
1819 q_status_message(SM_ORDER
, 1, 3, _("Private keys transferred to container"));
1821 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1828 rv
= copy_privatecert_container_to_dir();
1830 q_status_message(SM_ORDER
, 1, 3, _("Private keys transferred to directory, delete Container config to use"));
1832 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1839 rv
= copy_cacert_dir_to_container();
1841 q_status_message(SM_ORDER
, 1, 3, _("CA certs transferred to container"));
1843 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1850 rv
= copy_cacert_container_to_dir();
1852 q_status_message(SM_ORDER
, 1, 3, _("CA certs transferred to directory, delete Container config to use"));
1854 q_status_message(SM_ORDER
, 3, 3, _("Problem transferring certs"));
1860 #ifdef APPLEKEYCHAIN
1862 rv
= copy_publiccert_container_to_keychain();
1864 q_status_message(SM_ORDER
, 1, 3, _("Public certs transferred to keychain"));
1866 q_status_message(SM_ORDER
, 3, 3, _("Command not implemented yet"));
1873 rv
= copy_publiccert_keychain_to_container();
1875 q_status_message(SM_ORDER
, 1, 3, _("Public certs transferred to container"));
1877 q_status_message(SM_ORDER
, 3, 3, _("Command not implemented yet"));
1882 #endif /* APPLEKEYCHAIN */
1884 case 9: manage_certificates(ps
, Public
) ; break;
1885 case 10: manage_certificates(ps
, Private
); break;
1886 case 11: manage_certificates(ps
, CACert
) ; break;
1889 case 12: manage_password_file_certificates(ps
); break;
1890 #endif /* PASSFILE */
1900 rv
= config_exit_cmd(flags
);
1904 rv
= import_certificate((*cl
)->d
.s
.ctype
, NULL
, NULL
);
1917 * Compare saved user_val with current user_val to see if it changed.
1918 * If any have changed, change it back and take the appropriate action.
1921 revert_to_saved_smime_config(struct pine
*ps
, SAVED_CONFIG_S
*vsave
)
1923 struct variable
*vreal
;
1927 char *pval
, **apval
, **lval
, ***alval
;
1930 for(vreal
= ps
->vars
; vreal
->name
; vreal
++,v
++){
1931 if(!(smime_related_var(ps
, vreal
) || vreal
==&ps
->vars
[V_FEATURE_LIST
]))
1935 lval
= LVAL(vreal
, ew
);
1936 alval
= ALVAL(vreal
, ew
);
1938 if((v
->saved_user_val
.l
&& !lval
)
1939 || (!v
->saved_user_val
.l
&& lval
))
1941 else if(!v
->saved_user_val
.l
&& !lval
)
1942 ;/* no change, nothing to do */
1944 for(i
= 0; v
->saved_user_val
.l
[i
] || lval
[i
]; i
++)
1945 if((v
->saved_user_val
.l
[i
]
1947 || strcmp(v
->saved_user_val
.l
[i
], lval
[i
])))
1949 (!v
->saved_user_val
.l
[i
] && lval
[i
])){
1959 free_list_array(alval
);
1961 /* copy back the original one */
1962 if(v
->saved_user_val
.l
){
1963 list
= v
->saved_user_val
.l
;
1965 /* count how many */
1969 *alval
= (char **)fs_get((n
+1) * sizeof(char *));
1971 for(i
= 0; i
< n
; i
++)
1972 (*alval
)[i
] = cpystr(v
->saved_user_val
.l
[i
]);
1980 pval
= PVAL(vreal
, ew
);
1981 apval
= APVAL(vreal
, ew
);
1983 if((v
->saved_user_val
.p
&&
1984 (!pval
|| strcmp(v
->saved_user_val
.p
, pval
))) ||
1985 (!v
->saved_user_val
.p
&& pval
)){
1986 /* It changed, fix it */
1989 /* free the changed value */
1991 fs_give((void **)apval
);
1993 if(v
->saved_user_val
.p
)
1994 *apval
= cpystr(v
->saved_user_val
.p
);
2000 if(vreal
== &ps
->vars
[V_FEATURE_LIST
])
2001 set_feature_list_current_val(vreal
);
2003 set_current_val(vreal
, TRUE
, FALSE
);
2005 fix_side_effects(ps
, vreal
, 1);
2012 save_smime_config_vars(struct pine
*ps
)
2014 struct variable
*vreal
;
2015 SAVED_CONFIG_S
*vsave
, *v
;
2017 vsave
= (SAVED_CONFIG_S
*)fs_get((V_LAST_VAR
+1)*sizeof(SAVED_CONFIG_S
));
2018 memset((void *)vsave
, 0, (V_LAST_VAR
+1)*sizeof(SAVED_CONFIG_S
));
2019 for(v
= vsave
, vreal
= ps
->vars
; vreal
->name
; vreal
++,v
++){
2020 if(!(smime_related_var(ps
, vreal
) || vreal
==&ps
->vars
[V_FEATURE_LIST
]))
2027 if(LVAL(vreal
, ew
)){
2028 /* count how many */
2030 list
= LVAL(vreal
, ew
);
2034 v
->saved_user_val
.l
= (char **)fs_get((n
+1)*sizeof(char *));
2035 memset((void *)v
->saved_user_val
.l
, 0, (n
+1)*sizeof(char *));
2036 for(i
= 0; i
< n
; i
++)
2037 v
->saved_user_val
.l
[i
] = cpystr(list
[i
]);
2039 v
->saved_user_val
.l
[n
] = NULL
;
2044 v
->saved_user_val
.p
= cpystr(PVAL(vreal
, ew
));
2053 free_saved_smime_config(struct pine
*ps
, SAVED_CONFIG_S
**vsavep
)
2055 struct variable
*vreal
;
2058 if(vsavep
&& *vsavep
){
2059 for(v
= *vsavep
, vreal
= ps
->vars
; vreal
->name
; vreal
++,v
++){
2060 if(!(smime_related_var(ps
, vreal
) || vreal
==&ps
->vars
[V_FEATURE_LIST
]))
2063 if(vreal
->is_list
){ /* free saved_user_val.l */
2064 if(v
&& v
->saved_user_val
.l
)
2065 free_list_array(&v
->saved_user_val
.l
);
2067 else if(v
&& v
->saved_user_val
.p
)
2068 fs_give((void **)&v
->saved_user_val
.p
);
2071 fs_give((void **)vsavep
);