Show summary of trusted certificates, add /tls cert <fingerprint>

fixes #676
This commit is contained in:
James Booth
2015-11-22 19:53:41 +00:00
parent 216493ef07
commit bf1e7efe23
7 changed files with 91 additions and 20 deletions

View File

@@ -206,7 +206,7 @@ static struct cmd_t command_defs[] =
"/tls allow",
"/tls always",
"/tls deny",
"/tls cert",
"/tls cert [<fingerprint>]",
"/tls trust",
"/tls trusted",
"/tls revoke <fingerprint>",
@@ -221,8 +221,9 @@ static struct cmd_t command_defs[] =
{ "always", "Always allow connections with TLS certificate." },
{ "deny", "Abort connection." },
{ "cert", "Show the current TLS certificate." },
{ "cert <fingerprint>", "Show details of trusted certificate." },
{ "trust", "Add the current TLS certificate to manually trusted certiciates." },
{ "trusted", "List manually trusted certificates (with '/tls always' or '/tls trust')." },
{ "trusted", "List summary of manually trusted certificates (with '/tls always' or '/tls trust')." },
{ "revoke <fingerprint>", "Remove a manually trusted certificate." },
{ "certpath", "Show the trusted certificate path." },
{ "certpath set <path>", "Specify filesystem path containing trusted certificates." },
@@ -3877,6 +3878,11 @@ _tls_autocomplete(ProfWin *window, const char *const input)
return result;
}
result = autocomplete_param_with_func(input, "/tls cert", tlscerts_complete);
if (result) {
return result;
}
result = autocomplete_param_with_ac(input, "/tls certpath", tls_certpath_ac, TRUE);
if (result) {
return result;

View File

@@ -236,7 +236,7 @@ cmd_tls(ProfWin *window, const char *const command, gchar **args)
}
while (curr) {
TLSCertificate *cert = curr->data;
cons_show_tlscert(cert);
cons_show_tlscert_summary(cert);
cons_show("");
curr = g_list_next(curr);
}
@@ -267,24 +267,35 @@ cmd_tls(ProfWin *window, const char *const command, gchar **args)
return _cmd_set_boolean_preference(args[1], command, "TLS titlebar indicator", PREF_TLS_SHOW);
} else if (g_strcmp0(args[0], "cert") == 0) {
#ifdef HAVE_LIBMESODE
jabber_conn_status_t conn_status = jabber_get_connection_status();
if (conn_status != JABBER_CONNECTED) {
cons_show("You are not currently connected.");
if (args[1]) {
TLSCertificate *cert = tlscerts_get_trusted(args[1]);
if (!cert) {
cons_show("No such certificate.");
} else {
cons_show_tlscert(cert);
tlscerts_free(cert);
}
return TRUE;
} else {
jabber_conn_status_t conn_status = jabber_get_connection_status();
if (conn_status != JABBER_CONNECTED) {
cons_show("You are not currently connected.");
return TRUE;
}
if (!jabber_conn_is_secured()) {
cons_show("No TLS connection established");
return TRUE;
}
TLSCertificate *cert = jabber_get_tls_peer_cert();
if (!cert) {
cons_show("Error getting TLS certificate.");
return TRUE;
}
cons_show_tlscert(cert);
cons_show("");
tlscerts_free(cert);
return TRUE;
}
if (!jabber_conn_is_secured()) {
cons_show("No TLS connection established");
return TRUE;
}
TLSCertificate *cert = jabber_get_tls_peer_cert();
if (!cert) {
cons_show("Error getting TLS certificate.");
return TRUE;
}
cons_show_tlscert(cert);
cons_show("");
tlscerts_free(cert);
return TRUE;
#else
cons_show("Certificate fetching not supported.");
return TRUE;