tAdd a keybinding to show current TLS certificate - surf - customized build of … | |
git clone git://src.adamsgaard.dk/surf | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit 9eda6f5dd556552c29dd43095dd5a9bf026a8a5f | |
parent 1dc3cd513a75570cc2fc33a86d4af565ecf9255e | |
Author: Quentin Rameau <[email protected]> | |
Date: Sat, 29 Apr 2017 14:56:02 +0200 | |
Add a keybinding to show current TLS certificate | |
Diffstat: | |
M config.def.h | 1 + | |
M surf.1 | 3 +++ | |
M surf.c | 41 ++++++++++++++++++++++++++++-… | |
3 files changed, 42 insertions(+), 3 deletions(-) | |
--- | |
diff --git a/config.def.h b/config.def.h | |
t@@ -152,6 +152,7 @@ static Key keys[] = { | |
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_n, find, { .i = -1 } }, | |
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_p, print, { 0 } }, | |
+ { MODKEY, GDK_KEY_x, showcert, { 0 } }, | |
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_a, togglecookiepolicy, { 0 } }, | |
{ 0, GDK_KEY_F11, togglefullscreen, { 0 } }, | |
diff --git a/surf.1 b/surf.1 | |
t@@ -198,6 +198,9 @@ Copies current URI to primary selection. | |
.B Ctrl\-o | |
Show the sourcecode of the current page. | |
.TP | |
+.B Ctrl\-x | |
+Display the current TLS certificate in a popup window. | |
+.TP | |
.B Ctrl\-Shift\-a | |
Toggle through the the | |
.I cookie policies. | |
diff --git a/surf.c b/surf.c | |
t@@ -5,6 +5,7 @@ | |
#include <sys/file.h> | |
#include <sys/types.h> | |
#include <sys/wait.h> | |
+#include <glib.h> | |
#include <libgen.h> | |
#include <limits.h> | |
#include <pwd.h> | |
t@@ -106,9 +107,10 @@ typedef struct Client { | |
WebKitWebInspector *inspector; | |
WebKitFindController *finder; | |
WebKitHitTestResult *mousepos; | |
+ GTlsCertificate *cert, *failedcert; | |
GTlsCertificateFlags tlserr; | |
Window xid; | |
- int progress, fullscreen, https, insecure; | |
+ int progress, fullscreen, https, insecure, errorpage; | |
const char *title, *overtitle, *targeturi; | |
const char *needle; | |
struct Client *next; | |
t@@ -216,6 +218,7 @@ static void destroywin(GtkWidget* w, Client *c); | |
static void pasteuri(GtkClipboard *clipboard, const char *text, gpointer d); | |
static void reload(Client *c, const Arg *a); | |
static void print(Client *c, const Arg *a); | |
+static void showcert(Client *c, const Arg *a); | |
static void clipboard(Client *c, const Arg *a); | |
static void zoom(Client *c, const Arg *a); | |
static void scroll(Client *c, const Arg *a); | |
t@@ -1294,7 +1297,9 @@ loadfailedtls(WebKitWebView *v, gchar *uri, GTlsCertific… | |
GString *errmsg = g_string_new(NULL); | |
gchar *html, *pem; | |
+ c->failedcert = g_object_ref(cert); | |
c->tlserr = err; | |
+ c->errorpage = 1; | |
if (err & G_TLS_CERTIFICATE_UNKNOWN_CA) | |
g_string_append(errmsg, | |
t@@ -1322,7 +1327,9 @@ loadfailedtls(WebKitWebView *v, gchar *uri, GTlsCertific… | |
g_object_get(cert, "certificate-pem", &pem, NULL); | |
html = g_strdup_printf("<p>Could not validate TLS for ā%sā<br>%s</… | |
- "<p><pre>%s</pre><p>", uri, errmsg->str, pem); | |
+ "<p>You can inspect the following certificate " | |
+ "with Ctrl+Shift+x (default keybinding).</p>" | |
+ "<p><pre>%s</pre></p>", uri, errmsg->str, pem); | |
g_free(pem); | |
g_string_free(errmsg, TRUE); | |
t@@ -1344,6 +1351,10 @@ loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client… | |
c->title = title; | |
c->https = c->insecure = 0; | |
seturiparameters(c, geturi(c)); | |
+ if (c->errorpage) | |
+ c->errorpage = 0; | |
+ else | |
+ g_clear_object(&c->failedcert); | |
break; | |
case WEBKIT_LOAD_REDIRECTED: | |
setatom(c, AtomUri, title); | |
t@@ -1351,7 +1362,7 @@ loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client … | |
seturiparameters(c, geturi(c)); | |
break; | |
case WEBKIT_LOAD_COMMITTED: | |
- c->https = webkit_web_view_get_tls_info(c->view, NULL, | |
+ c->https = webkit_web_view_get_tls_info(c->view, &c->cert, | |
&c->tlserr); | |
break; | |
case WEBKIT_LOAD_FINISHED: | |
t@@ -1605,6 +1616,30 @@ print(Client *c, const Arg *a) | |
} | |
void | |
+showcert(Client *c, const Arg *a) | |
+{ | |
+ GTlsCertificate *cert = c->failedcert ? c->failedcert : c->cert; | |
+ GcrCertificate *gcrt; | |
+ GByteArray *crt; | |
+ GtkWidget *win; | |
+ GcrCertificateWidget *wcert; | |
+ | |
+ if (!cert) | |
+ return; | |
+ | |
+ g_object_get(cert, "certificate", &crt, NULL); | |
+ gcrt = gcr_simple_certificate_new(crt->data, crt->len); | |
+ g_byte_array_unref(crt); | |
+ | |
+ win = gtk_window_new(GTK_WINDOW_TOPLEVEL); | |
+ wcert = gcr_certificate_widget_new(gcrt); | |
+ g_object_unref(gcrt); | |
+ | |
+ gtk_container_add(GTK_CONTAINER(win), GTK_WIDGET(wcert)); | |
+ gtk_widget_show_all(win); | |
+} | |
+ | |
+void | |
clipboard(Client *c, const Arg *a) | |
{ | |
if (a->b) { /* load clipboard uri */ |