From 0c34d06494afe217ace7460c66df800d457dd2e8 Mon Sep 17 00:00:00 2001 From: Vincent Sanders Date: Sun, 23 Feb 2020 16:06:52 +0000 Subject: Keep the complete certificate chain from a fetch Instead of extracting information from the X509 certificate chain in the fetcher the entire chain is propagated in Distinguished Encoding Rules (DER) format. This allows all the information contained in a certificate chain to be retained which can subsequently be presented to the user --- frontends/gtk/page_info.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'frontends') diff --git a/frontends/gtk/page_info.c b/frontends/gtk/page_info.c index adc2dfa66..1401fdca9 100644 --- a/frontends/gtk/page_info.c +++ b/frontends/gtk/page_info.c @@ -52,6 +52,7 @@ struct nsgtk_crtvrfy_window { struct sslcert_session_data *ssl_data; }; + /** * destroy a previously created certificate view */ @@ -178,11 +179,14 @@ nserror nsgtk_page_info(struct browser_window *bw) struct nsgtk_crtvrfy_window *ncwin; nserror res; - size_t num; - struct ssl_cert_info *chain; + struct cert_chain *chain; struct nsurl *url; - browser_window_get_ssl_chain(bw, &num, &chain); + res = browser_window_get_ssl_chain(bw, &chain); + if (res != NSERROR_OK) { + NSLOG(netsurf, WARNING, "Unable to get certificate chain"); + return NSERROR_INVALID; + } url = browser_window_access_url(bw); ncwin = malloc(sizeof(struct nsgtk_crtvrfy_window)); @@ -245,8 +249,8 @@ nserror nsgtk_page_info(struct browser_window *bw) } /* initialise certificate viewing interface */ - res = sslcert_viewer_create_session_data(num, url, dummy_cb, NULL, chain, - &ncwin->ssl_data); + res = sslcert_viewer_create_session_data( + url, dummy_cb, NULL, chain, &ncwin->ssl_data); if (res != NSERROR_OK) { g_object_unref(G_OBJECT(ncwin->dlg)); free(ncwin); -- cgit v1.2.3