search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
set chmod 0600 on log files, history files, saved parts, etc.
[claws.git] / src / ssl_manager.c
blob884a0225f35ced4c3d3cccfefec7ed5f3d2869fd
1 /*
2 * Claws Mail -- a GTK+ based, lightweight, and fast e-mail client
3 * Copyright (C) 1999-2016 Colin Leroy and the Claws Mail team
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18 #ifdef HAVE_CONFIG_H
19 # include "config.h"
20 #include "claws-features.h"
21 #endif
22
23 #ifdef USE_GNUTLS
24 #include <gtk/gtk.h>
25 #include <glib.h>
26 #include <glib/gi18n.h>
27 #include <gdk/gdkkeysyms.h>
28 #include <sys/types.h>
29 #include <dirent.h>
30
31 #include "ssl_manager.h"
32 #include "ssl_certificate.h"
33 #include "manage_window.h"
34 #include "utils.h"
35 #include "mainwindow.h"
36 #include "alertpanel.h"
37 #include "sslcertwindow.h"
38 #include "prefs_common.h"
39
40 enum {
41 SSL_MANAGER_HOST,
42 SSL_MANAGER_PORT,
43 SSL_MANAGER_CERT,
44 SSL_MANAGER_STATUS,
45 SSL_MANAGER_EXPIRY,
46 SSL_MANAGER_FONT_WEIGHT,
47 N_SSL_MANAGER_COLUMNS
48 };
49
50
51 static struct SSLManager
52 {
53 GtkWidget *window;
54 GtkWidget *hbox1;
55 GtkWidget *vbox1;
56 GtkWidget *certlist;
57 GtkWidget *view_btn;
58 GtkWidget *delete_btn;
59 GtkWidget *close_btn;
60 } manager;
61
62 static void ssl_manager_view_cb (GtkWidget *widget, gpointer data);
63 static void ssl_manager_delete_cb (GtkWidget *widget, gpointer data);
64 static void ssl_manager_close_cb (GtkWidget *widget, gpointer data);
65 static gboolean key_pressed (GtkWidget *widget, GdkEventKey *event,
66 gpointer data);
67 static void ssl_manager_load_certs (void);
68 static void ssl_manager_double_clicked(GtkTreeView *list_view,
69 GtkTreePath *path,
70 GtkTreeViewColumn *column,
71 gpointer data);
72
73 void ssl_manager_open(MainWindow *mainwin)
74 {
75 if (!manager.window)
76 ssl_manager_create();
77
78 manage_window_set_transient(GTK_WINDOW(manager.window));
79 gtk_widget_grab_focus(manager.close_btn);
80
81 ssl_manager_load_certs();
82
83 gtk_widget_show(manager.window);
84
85 }
86
87 static GtkListStore* ssl_manager_create_data_store(void)
88 {
89 return gtk_list_store_new(N_SSL_MANAGER_COLUMNS,
90 G_TYPE_STRING,
91 G_TYPE_STRING,
92 G_TYPE_POINTER,
93 G_TYPE_STRING,
94 G_TYPE_STRING,
95 G_TYPE_INT,
96 -1);
97 }
98
99 static void ssl_manager_create_list_view_columns(GtkWidget *list_view)
100 {
101 GtkTreeViewColumn *column;
102 GtkCellRenderer *renderer;
103
104 renderer = gtk_cell_renderer_text_new();
105 g_object_set(renderer, "weight", PANGO_WEIGHT_NORMAL,
106 "weight-set", TRUE, NULL);
107
108 column = gtk_tree_view_column_new_with_attributes
109 (_("Server"),
110 renderer,
111 "text", SSL_MANAGER_HOST,
112 "weight", SSL_MANAGER_FONT_WEIGHT,
113 NULL);
114 gtk_tree_view_append_column(GTK_TREE_VIEW(list_view), column);
115
116 column = gtk_tree_view_column_new_with_attributes
117 (_("Port"),
118 renderer,
119 "text", SSL_MANAGER_PORT,
120 NULL);
121 gtk_tree_view_append_column(GTK_TREE_VIEW(list_view), column);
122
123 column = gtk_tree_view_column_new_with_attributes
124 (_("Status"),
125 renderer,
126 "text", SSL_MANAGER_STATUS,
127 NULL);
128 gtk_tree_view_append_column(GTK_TREE_VIEW(list_view), column);
129
130 column = gtk_tree_view_column_new_with_attributes
131 (_("Expiry"),
132 renderer,
133 "text", SSL_MANAGER_EXPIRY,
134 NULL);
135 gtk_tree_view_column_set_attributes
136 (column, renderer,
137 "text", SSL_MANAGER_EXPIRY,
138 NULL);
139 gtk_tree_view_append_column(GTK_TREE_VIEW(list_view), column);
140 }
141
142 static GtkWidget *ssl_manager_list_view_create (void)
143 {
144 GtkTreeView *list_view;
145 GtkTreeSelection *selector;
146 GtkTreeModel *model;
147
148 model = GTK_TREE_MODEL(ssl_manager_create_data_store());
149 list_view = GTK_TREE_VIEW(gtk_tree_view_new_with_model(model));
150 g_object_unref(model);
151
152 gtk_tree_sortable_set_sort_column_id(GTK_TREE_SORTABLE(model),
153 0, GTK_SORT_ASCENDING);
154 gtk_tree_view_set_rules_hint(list_view, prefs_common.use_stripes_everywhere);
155
156 selector = gtk_tree_view_get_selection(list_view);
157 gtk_tree_selection_set_mode(selector, GTK_SELECTION_BROWSE);
158
159 g_signal_connect(G_OBJECT(list_view), "row_activated",
160 G_CALLBACK(ssl_manager_double_clicked),
161 list_view);
162
163 /* create the columns */
164 ssl_manager_create_list_view_columns(GTK_WIDGET(list_view));
165
166 return GTK_WIDGET(list_view);
167 }
168
169 /*!
170 *\brief Save Gtk object size to prefs dataset
171 */
172 static void ssl_manager_size_allocate_cb(GtkWidget *widget,
173 GtkAllocation *allocation)
174 {
175 cm_return_if_fail(allocation != NULL);
176
177 prefs_common.sslmanwin_width = allocation->width;
178 prefs_common.sslmanwin_height = allocation->height;
179 }
180
181 void ssl_manager_create(void)
182 {
183 GtkWidget *window;
184 GtkWidget *scroll;
185 GtkWidget *hbox1;
186 GtkWidget *vbox1;
187 GtkWidget *certlist;
188 GtkWidget *view_btn;
189 GtkWidget *delete_btn;
190 GtkWidget *close_btn;
191 static GdkGeometry geometry;
192
193 window = gtkut_window_new(GTK_WINDOW_TOPLEVEL, "ssl_manager");
194 gtk_window_set_title (GTK_WINDOW(window),
195 _("Saved SSL/TLS certificates"));
196
197 gtk_container_set_border_width (GTK_CONTAINER (window), 8);
198 gtk_window_set_position (GTK_WINDOW (window), GTK_WIN_POS_CENTER);
199 gtk_window_set_resizable(GTK_WINDOW (window), TRUE);
200 gtk_window_set_type_hint(GTK_WINDOW(window), GDK_WINDOW_TYPE_HINT_DIALOG);
201 g_signal_connect(G_OBJECT(window), "delete_event",
202 G_CALLBACK(ssl_manager_close_cb), NULL);
203 g_signal_connect(G_OBJECT(window), "size_allocate",
204 G_CALLBACK(ssl_manager_size_allocate_cb), NULL);
205 g_signal_connect(G_OBJECT(window), "key_press_event",
206 G_CALLBACK(key_pressed), NULL);
207 MANAGE_WINDOW_SIGNALS_CONNECT (window);
208
209 hbox1 = gtk_hbox_new(FALSE, 6);
210 vbox1 = gtk_vbox_new(FALSE, 0);
211 delete_btn = gtk_button_new_from_stock(GTK_STOCK_DELETE);
212
213 g_signal_connect(G_OBJECT(delete_btn), "clicked",
214 G_CALLBACK(ssl_manager_delete_cb), NULL);
215
216 view_btn = gtk_button_new_from_stock(GTK_STOCK_PROPERTIES);
217 g_signal_connect(G_OBJECT(view_btn), "clicked",
218 G_CALLBACK(ssl_manager_view_cb), NULL);
219
220 close_btn = gtk_button_new_from_stock(GTK_STOCK_CLOSE);
221 g_signal_connect(G_OBJECT(close_btn), "clicked",
222 G_CALLBACK(ssl_manager_close_cb), NULL);
223
224 certlist = ssl_manager_list_view_create();
225
226 scroll = gtk_scrolled_window_new (NULL, NULL);
227 gtk_scrolled_window_set_policy (GTK_SCROLLED_WINDOW (scroll),
228 GTK_POLICY_NEVER,
229 GTK_POLICY_AUTOMATIC);
230
231 gtk_container_add(GTK_CONTAINER (scroll), certlist);
232
233 gtk_box_pack_start(GTK_BOX(hbox1), scroll, TRUE, TRUE, 0);
234 gtk_box_pack_start(GTK_BOX(hbox1), vbox1, FALSE, FALSE, 0);
235 gtk_box_pack_start(GTK_BOX(vbox1), view_btn, FALSE, FALSE, 4);
236 gtk_box_pack_start(GTK_BOX(vbox1), delete_btn, FALSE, FALSE, 4);
237 gtk_box_pack_end(GTK_BOX(vbox1), close_btn, FALSE, FALSE, 4);
238
239 if (!geometry.min_height) {
240 geometry.min_width = 700;
241 geometry.min_height = 250;
242 }
243
244 gtk_window_set_geometry_hints(GTK_WINDOW(window), NULL, &geometry,
245 GDK_HINT_MIN_SIZE);
246 gtk_widget_set_size_request(window, prefs_common.sslmanwin_width,
247 prefs_common.sslmanwin_height);
248
249 gtk_widget_show(certlist);
250 gtk_widget_show(scroll);
251 gtk_widget_show(hbox1);
252 gtk_widget_show(vbox1);
253 gtk_widget_show(close_btn);
254 gtk_widget_show(delete_btn);
255 gtk_widget_show(view_btn);
256 gtk_container_add(GTK_CONTAINER (window), hbox1);
257
258 manager.window = window;
259 manager.hbox1 = hbox1;
260 manager.vbox1 = vbox1;
261 manager.certlist = certlist;
262 manager.view_btn = view_btn;
263 manager.delete_btn = delete_btn;
264 manager.close_btn = close_btn;
265
266 gtk_widget_show(window);
267 }
268
269 static void ssl_manager_list_view_insert_cert(GtkWidget *list_view,
270 GtkTreeIter *row_iter,
271 gchar *host,
272 gchar *port,
273 SSLCertificate *cert)
274 {
275 char *sig_status, *exp_date;
276 char buf[100];
277 time_t exp_time_t;
278 struct tm lt;
279 PangoWeight weight = PANGO_WEIGHT_NORMAL;
280 GtkTreeIter iter, *iterptr;
281 GtkListStore *list_store = GTK_LIST_STORE(gtk_tree_view_get_model
282 (GTK_TREE_VIEW(list_view)));
283
284 g_return_if_fail(cert != NULL);
285
286 exp_time_t = gnutls_x509_crt_get_expiration_time(cert->x509_cert);
287
288 memset(buf, 0, sizeof(buf));
289 if (exp_time_t > 0) {
290 fast_strftime(buf, sizeof(buf)-1, prefs_common.date_format, localtime_r(&exp_time_t, &lt));
291 exp_date = (*buf) ? g_strdup(buf):g_strdup("?");
292 } else
293 exp_date = g_strdup("");
294
295 if (exp_time_t < time(NULL))
296 weight = PANGO_WEIGHT_BOLD;
297
298 sig_status = ssl_certificate_check_signer(cert, cert->status);
299
300 if (sig_status == NULL)
301 sig_status = g_strdup_printf(_("Correct%s"),exp_time_t < time(NULL)? _(" (expired)"): "");
302 else {
303 weight = PANGO_WEIGHT_BOLD;
304 if (exp_time_t < time(NULL))
305 sig_status = g_strconcat(sig_status,_(" (expired)"),NULL);
306 }
307
308 if (row_iter == NULL) {
309 /* append new */
310 gtk_list_store_append(list_store, &iter);
311 iterptr = &iter;
312 } else
313 iterptr = row_iter;
314
315 gtk_list_store_set(list_store, iterptr,
316 SSL_MANAGER_HOST, host,
317 SSL_MANAGER_PORT, port,
318 SSL_MANAGER_CERT, cert,
319 SSL_MANAGER_STATUS, sig_status,
320 SSL_MANAGER_EXPIRY, exp_date,
321 SSL_MANAGER_FONT_WEIGHT, weight,
322 -1);
323
324 g_free(sig_status);
325 g_free(exp_date);
326 }
327
328 static void ssl_manager_load_certs (void)
329 {
330 GDir *dir;
331 const gchar *d;
332 GError *error = NULL;
333 gchar *path;
334 int row = 0;
335 GtkListStore *store;
336
337 store = GTK_LIST_STORE(gtk_tree_view_get_model
338 (GTK_TREE_VIEW(manager.certlist)));
339
340 gtk_list_store_clear(store);
341
342 path = g_strconcat(get_rc_dir(), G_DIR_SEPARATOR_S,
343 "certs", G_DIR_SEPARATOR_S, NULL);
344
345 if((dir = g_dir_open(path, 0, &error)) == NULL) {
346 debug_print("couldn't open dir '%s': %s (%d)\n", path,
347 error->message, error->code);
348 g_error_free(error);
349 return;
350 }
351
352 while ((d = g_dir_read_name(dir)) != NULL) {
353 gchar *server = NULL, *port = NULL, *fp = NULL;
354 SSLCertificate *cert;
355
356 if(strstr(d, ".cert") != d + (strlen(d) - strlen(".cert")))
357 continue;
358
359 if (get_serverportfp_from_filename(d, &server, &port, &fp)) {
360
361 if (server != NULL && port != NULL) {
362 gint portnum = atoi(port);
363 if (portnum > 0 && portnum <= 65535) {
364 cert = ssl_certificate_find(server, portnum, fp);
365 ssl_manager_list_view_insert_cert(manager.certlist, NULL,
366 server, port, cert);
367 }
368 }
369
370 g_free(server);
371 g_free(port);
372 g_free(fp);
373 }
374 row++;
375 }
376 g_dir_close(dir);
377 g_free(path);
378 }
379
380 static void ssl_manager_close(void)
381 {
382 gtk_widget_hide(manager.window);
383 }
384
385 static void ssl_manager_close_cb(GtkWidget *widget,
386 gpointer data)
387 {
388 ssl_manager_close();
389 }
390
391 static gboolean key_pressed(GtkWidget *widget, GdkEventKey *event, gpointer data)
392 {
393 if (!event)
394 return FALSE;
395
396 if (event->keyval == GDK_KEY_Escape)
397 ssl_manager_close();
398 else if (event->keyval == GDK_KEY_Delete)
399 ssl_manager_delete_cb(manager.delete_btn, NULL);
400
401 return FALSE;
402 }
403
404 static void ssl_manager_double_clicked(GtkTreeView *list_view,
405 GtkTreePath *path,
406 GtkTreeViewColumn *column,
407 gpointer data)
408 {
409 SSLCertificate *cert;
410 GtkTreeIter iter;
411 GtkTreeModel *model = gtk_tree_view_get_model(list_view);
412
413 if (!gtk_tree_model_get_iter(model, &iter, path))
414 return;
415
416 gtk_tree_model_get(model, &iter,
417 SSL_MANAGER_CERT, &cert,
418 -1);
419
420 if (!cert)
421 return;
422
423 sslcertwindow_show_cert(cert);
424
425 return;
426 }
427
428
429
430 static void ssl_manager_delete_cb(GtkWidget *widget,
431 gpointer data)
432 {
433 SSLCertificate *cert;
434 int val;
435 GtkTreeIter iter;
436 GtkTreeModel *model;
437
438 cert = gtkut_tree_view_get_selected_pointer(
439 GTK_TREE_VIEW(manager.certlist), SSL_MANAGER_CERT,
440 &model, NULL, &iter);
441
442 if (!cert)
443 return;
444
445 val = alertpanel_full(_("Delete certificate"),
446 _("Do you really want to delete this certificate?"),
447 GTK_STOCK_CANCEL, GTK_STOCK_DELETE, NULL, ALERTFOCUS_FIRST,
448 FALSE, NULL, ALERT_WARNING);
449
450
451 if (val != G_ALERTALTERNATE)
452 return;
453
454 ssl_certificate_delete_from_disk(cert);
455 ssl_certificate_destroy(cert);
456 gtk_list_store_remove(GTK_LIST_STORE(model), &iter);
457 }
458
459 static void ssl_manager_view_cb(GtkWidget *widget,
460 gpointer data)
461 {
462 SSLCertificate *cert;
463
464 cert = gtkut_tree_view_get_selected_pointer(
465 GTK_TREE_VIEW(manager.certlist), SSL_MANAGER_CERT,
466 NULL, NULL, NULL);
467
468 if (!cert)
469 return;
470
471 sslcertwindow_show_cert(cert);
472 }
473 #endif