diff options
author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-08-06 13:15:23 +0100 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2019-08-06 13:15:23 +0100 |
commit | 1cf1ec55bc7647e737d7ec41bfe1def721269c02 (patch) | |
tree | 7fd4c9bdfe1d14789dbbe3eba696bba761dabf74 /utils/messages.c | |
parent | 75349e79d82c43b9731b9349364f467c81fce94b (diff) | |
download | netsurf-1cf1ec55bc7647e737d7ec41bfe1def721269c02.tar.gz netsurf-1cf1ec55bc7647e737d7ec41bfe1def721269c02.tar.bz2 |
Support SSL verification through new about: handler
In doing this, also propagate why the certificates were bad
so that the page can display a reason. We will need FatMessages
for all these.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
Diffstat (limited to 'utils/messages.c')
-rw-r--r-- | utils/messages.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/utils/messages.c b/utils/messages.c index 5beeba38d..29443f99e 100644 --- a/utils/messages.c +++ b/utils/messages.c @@ -343,6 +343,54 @@ const char *messages_get_errorcode(nserror code) return messages_get_ctx("Unknown", messages_hash); } +/* exported function documented in utils/messages.h */ +const char *messages_get_sslcode(ssl_cert_err code) +{ + switch (code) { + case SSL_CERT_ERR_OK: + /* Nothing wrong with this certificate */ + return messages_get_ctx("SSLCertErrOk", messages_hash); + + case SSL_CERT_ERR_UNKNOWN: + /* Unknown error */ + return messages_get_ctx("SSLCertErrUnknown", messages_hash); + + case SSL_CERT_ERR_BAD_ISSUER: + /* Bad issuer */ + return messages_get_ctx("SSLCertErrBadIssuer", messages_hash); + + case SSL_CERT_ERR_BAD_SIG: + /* Bad signature on this certificate */ + return messages_get_ctx("SSLCertErrBadSig", messages_hash); + + case SSL_CERT_ERR_TOO_YOUNG: + /* This certificate is not yet valid */ + return messages_get_ctx("SSLCertErrTooYoung", messages_hash); + + case SSL_CERT_ERR_TOO_OLD: + /* This certificate is no longer valid */ + return messages_get_ctx("SSLCertErrTooOld", messages_hash); + + case SSL_CERT_ERR_SELF_SIGNED: + /* This certificate is self signed */ + return messages_get_ctx("SSLCertErrSelfSigned", messages_hash); + + case SSL_CERT_ERR_CHAIN_SELF_SIGNED: + /* This certificate chain is self signed */ + return messages_get_ctx("SSLCertErrChainSelfSigned", messages_hash); + + case SSL_CERT_ERR_REVOKED: + /* This certificate has been revoked */ + return messages_get_ctx("SSLCertErrRevoked", messages_hash); + } + + /* The switch has no default, so the compiler should tell us when we + * forget to add messages for new error codes. As such, we should + * never get here. + */ + assert(0); + return messages_get_ctx("Unknown", messages_hash); +} /* exported function documented in utils/messages.h */ void messages_destroy(void) |