Changeset 3559

Timestamp:

04/09/08 17:53:42

Author:

jdapena

Message:

* Added libtinymail-camel/camel-lite/camel/camel-certdb-cst.c.

Implementation of certificates database using maemo libcst. This
makes you can manage certificates using the maemo tablet certificate
manager.
* libtinymail-camel/camel-lite/camel/camel-certdb.h,
libtinymail-camel/camel-lite/camel/camel-private.h: modified to
have a pointer to the CST object in certdb and certificate id in
certificate object in case we compile with CST support.
* libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c:
Modified a bit the code for proper integration with cst (mainly
removing direct access to internal fields).
* libtinymail-camel/camel-lite/configure.ac,
libtinymail-camel/camel-lite/camel/Makefile.am:
Added support for detection and configuration of libcst.

Files:

• trunk/ChangeLog (modified) (1 diff)
• trunk/libtinymail-camel/camel-lite/camel/Makefile.am (modified) (2 diffs)
• trunk/libtinymail-camel/camel-lite/camel/camel-certdb-cst.c (added)
• trunk/libtinymail-camel/camel-lite/camel/camel-certdb.c (modified) (1 diff)
• trunk/libtinymail-camel/camel-lite/camel/camel-certdb.h (modified) (2 diffs)
• trunk/libtinymail-camel/camel-lite/camel/camel-private.h (modified) (2 diffs)
• trunk/libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c (modified) (7 diffs)
• trunk/libtinymail-camel/camel-lite/config.h.in (modified) (1 diff)
• trunk/libtinymail-camel/camel-lite/configure.ac (modified) (5 diffs)

trunk/ChangeLog

@@ +1 @@
+2008-04-09  Jose Dapena Paz  <jdapena@igalia.com>
+
+        * Added libtinymail-camel/camel-lite/camel/camel-certdb-cst.c.
+        Implementation of certificates database using maemo libcst. This
+        makes you can manage certificates using the maemo tablet certificate
+        manager.
+        
+        * libtinymail-camel/camel-lite/camel/camel-certdb.h,
+        libtinymail-camel/camel-lite/camel/camel-private.h: modified to
+        have a pointer to the CST object in certdb and certificate id in
+        certificate object in case we compile with CST support.
+        
+        * libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c:
+        Modified a bit the code for proper integration with cst (mainly
+        removing direct access to internal fields).
+        
+        * libtinymail-camel/camel-lite/configure.ac,
+        libtinymail-camel/camel-lite/camel/Makefile.am:
+        Added support for detection and configuration of libcst.
+
-2008-04-07 Dirk-Jan C. Binnema <dirk-jan.binnema@nokia.com>
-        * libtinymail-camel:

trunk/libtinymail-camel/camel-lite/camel/Makefile.am

@@ -147 +147 @@
-        camel-arg.c                             \
-        camel-block-file.c                      \
-        camel-certdb.c                          \
-        camel-charset-map.c                     \
-        camel-data-cache.c                      \
@@ -208 +207 @@
-        camel.c                                 \
-        $(LIBCAMEL_PLATFORM_DEP_SOURCES)
+
+if HAVE_CST
+libcamel_lite_1_2_la_SOURCES += camel-certdb-cst.c
+else
+libcamel_lite_1_2_la_SOURCES += camel-certdb.c
+endif
+
-
-libcamel_liteinclude_HEADERS =                  \

trunk/libtinymail-camel/camel-lite/camel/camel-certdb.c

@@ -479 +479 @@
-        CamelCert *cert;
-
+        /* we set 0 to trust level this way (unknown) */
+
-        if (certdb->cert_chunks)
-                cert = e_memchunk_alloc0 (certdb->cert_chunks);

trunk/libtinymail-camel/camel-lite/camel/camel-certdb.h

@@ -27 +27 @@
-#include <stdio.h>
-#include <camel/camel-object.h>
+#ifdef ENABLE_CST
+#include <cst.h>
+#endif
-
-#define CAMEL_CERTDB_TYPE         (camel_certdb_get_type ())
@@ -66 +69 @@
-
-        CamelCertTrust trust;
+#ifdef ENABLE_CST
+        cst_t_seqnum certID;
+#endif
-        GByteArray *rawcert;
-} CamelCert;

trunk/libtinymail-camel/camel-lite/camel/camel-private.h

@@ -33 +33 @@
-#include <pthread.h>
-#include <libedataserver/e-msgport.h>
+#ifdef ENABLE_CST
+#include <cst.h>
+#endif
-
-G_BEGIN_DECLS
@@ -183 +186 @@
-        GMutex *alloc_lock;     /* for setting up and using allocators */
-        GMutex *ref_lock;       /* for reffing/unreffing certs */
+#ifdef ENABLE_CST
+        CST    *cst;            /* Certificate storage */
+#endif
-};
-

trunk/libtinymail-camel/camel-lite/camel/camel-tcp-stream-ssl.c

@@ -903 +903 @@
-                        g_error_free (error);
-
-                        camel_cert_set_trust (
-                                certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN);
-                        camel_certdb_touch (certdb);
-                        g_free (fingerprint);
@@ -924 +922 @@
-            || memcmp(ccert->rawcert->data, cert->derCert.data, cert->derCert.len) != 0) {
-                g_warning("rawcert != derCer");
-                camel_cert_set_trust(certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN);
-                camel_certdb_touch(certdb);
-        }
@@ -946 +943 @@
-        /*camel_cert_set_hostname(certdb, ccert, ssl->priv->expected_host);*/
-        camel_cert_set_fingerprint(certdb, ccert, fingerprint);
-        camel_cert_set_trust(certdb, ccert, CAMEL_CERT_TRUST_UNKNOWN);
-        g_free(fingerprint);
-
@@ -1037 +1033 @@
-        SECStatus status = SECFailure;
-        struct _CamelTcpStreamSSLPrivate *priv;
+        CamelCertTrust trust;
-
-        g_return_val_if_fail (data != NULL, SECFailure);
@@ -1055 +1052 @@
-        }
-
-
+
+
-                status = CERT_VerifyCertNow(cert->dbhandle, cert, TRUE, certUsageSSLClient, NULL);
-                fingerprint = cert_fingerprint(cert);
@@ -1062 +1060 @@
-                                              "Fingerprint:       %s\n"
-                                              "Signature:         %s"),
-
-
+ccert?camel_cert_get_issuer (certdb, ccert):
+ccert?camel_cert_get_subject (certdb, ccert):
-                                            fingerprint, status == SECSuccess?_("GOOD"):_("BAD"));
-                g_free(fingerprint);
@@ -1081 +1079 @@
-                }
-        } else {
-ccert->
+
-        }
-

trunk/libtinymail-camel/camel-lite/config.h.in

@@ -6 +6 @@
-/* Base version (Major.Minor) */
-#undef BASE_VERSION
+
+/* Is libcst enabled */
+#undef ENABLE_CST
-
-/* Really don't try this at home */

trunk/libtinymail-camel/camel-lite/configure.ac

@@ -84 +84 @@
-                msg_ssl="yes (Mozilla NSS)"
-                msg_smime="yes (Mozilla NSS)"
+                has_nss=yes
-                AC_DEFINE(ENABLE_SMIME,1,[Define if SMIME should be enabled])
-                AC_DEFINE(HAVE_NSS,1,[Define if you have NSS])
@@ -97 +98 @@
-                SSL_LIBS="-lcrypto -lssl"
-                msg_ssl="yes (OpenSSL)"
+                has_nss=no
-                AC_DEFINE(HAVE_SSL,1,[Define if you have a supported SSL library])
-                AC_DEFINE(HAVE_OPENSSL,1,[Define if you want to use OpenSSL as SSL library])
@@ -112 +114 @@
-                msg_ssl="yes (Mozilla NSS)"
-                msg_smime="yes (Mozilla NSS)"
+                has_nss=yes
-                AC_DEFINE(ENABLE_SMIME,1,[Define if SMIME should be enabled])
-                AC_DEFINE(HAVE_NSS,1,[Define if you have NSS])
@@ -119 +122 @@
-   ])
-
+if test x$has_nss = xyes; then
+     AC_MSG_CHECKING(Support for libCST)
+     PKG_CHECK_MODULES(LIBCST, cst, have_cst=yes, have_cst=no)
+     AC_MSG_RESULT($have_cst)
+else
+     LIBCST_CFLAGS=
+     LIBCST_LIBS=
+     have_cst=no
+fi
+AM_CONDITIONAL([HAVE_CST],[test x"$have_cst" == "xyes"])
+AC_DEFINE_UNQUOTED(ENABLE_CST, "$have_cst", [Is libcst enabled])
+AC_SUBST(LIBCST_CFLAGS)
+AC_SUBST(LIBCST_LIBS)
-
-AC_SUBST(msg_smime)
@@ -209 +225 @@
-
-PKG_CHECK_MODULES(CAMEL, gthread-2.0 gmodule-2.0 gobject-2.0 $mozilla_nss_eds $mozilla_nspr_eds)
-
-
+LIBCST_CFLAGS $
+LIBCST_LIBS $
-
-AC_SUBST(CAMEL_CFLAGS)