changeset 1965:58c7f6c80d2f

https dpi: error strings for certificate error code 19 and 20 I was tired of those meaningless numbers.
author corvid <corvid@lavabit.com>
date Thu, 14 Apr 2011 16:11:33 +0000
parents 7c7ff4d0202b
children f2b37c93764b 5b4c489423d2
files dpi/https.c
diffstat 1 files changed, 37 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/dpi/https.c	Mon Apr 04 17:56:15 2011 +0000
+++ b/dpi/https.c	Thu Apr 14 16:11:33 2011 +0000
@@ -409,6 +409,9 @@
  * allow the user to decide what to do.  It may save the
  * certificate to the user's .dillo directory if it is
  * trusted.
+ *
+ * TODO: Rearrange this to get rid of redundancy.
+ *
  * Return value: -1 on abort, 0 or higher on continue
  */
 static int handle_certificate_problem(SSL * ssl_connection)
@@ -613,6 +616,40 @@
             "Continue", "Cancel");
          a_Dpip_dsh_write_str(sh, 1, d_cmd);
          dFree(d_cmd);
+         response_number = dialog_get_answer_number();
+         if (response_number == 1) {
+            ret = 0;
+         }
+         break;
+      case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+         d_cmd = a_Dpip_build_cmd(
+            "cmd=%s msg=%s alt1=%s alt2=%s",
+            "dialog",
+            "Self signed certificate in certificate chain. The certificate "
+            "chain could be built up using the untrusted certificates but the "
+            "root could not be found locally.",
+            "Continue", "Cancel");
+         a_Dpip_dsh_write_str(sh, 1, d_cmd);
+         dFree(d_cmd);
+         response_number = dialog_get_answer_number();
+         if (response_number == 1) {
+            ret = 0;
+         }
+         break;
+      case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+         d_cmd = a_Dpip_build_cmd(
+            "cmd=%s msg=%s alt1=%s alt2=%s",
+            "dialog",
+            "Unable to get local issuer certificate. The issuer certificate "
+            "of an untrusted certificate cannot be found.",
+            "Continue", "Cancel");
+         a_Dpip_dsh_write_str(sh, 1, d_cmd);
+         dFree(d_cmd);
+         response_number = dialog_get_answer_number();
+         if (response_number == 1) {
+            ret = 0;
+         }
+         break;
       default:             /*Need to add more options later*/
          snprintf(buf, 80,
                   "The remote certificate cannot be verified (code %ld)", st);