Introduction
Introduction Statistics Contact Development Disclaimer Help
tDisplay an error message and certificate on tls error - surf - customized buil…
git clone git://src.adamsgaard.dk/surf
Log
Files
Refs
README
LICENSE
---
commit 1dc3cd513a75570cc2fc33a86d4af565ecf9255e
parent c870098b82f1dfc3cd59cd8c90cea580bd01cb47
Author: Quentin Rameau <[email protected]>
Date: Sat, 29 Apr 2017 14:49:04 +0200
Display an error message and certificate on tls error
Diffstat:
M config.mk | 7 ++++---
M surf.c | 51 +++++++++++++++++++++++++++++…
2 files changed, 55 insertions(+), 3 deletions(-)
---
diff --git a/config.mk b/config.mk
t@@ -11,15 +11,16 @@ LIBPREFIX = $(PREFIX)/lib/surf
X11INC = /usr/X11R6/include
X11LIB = /usr/X11R6/lib
-GTKINC = `pkg-config --cflags gtk+-3.0 webkit2gtk-4.0`
-GTKLIB = `pkg-config --libs gtk+-3.0 webkit2gtk-4.0`
+GTKINC = `pkg-config --cflags gtk+-3.0 gcr-3 webkit2gtk-4.0`
+GTKLIB = `pkg-config --libs gtk+-3.0 gcr-3 webkit2gtk-4.0`
# includes and libs
INCS = -I$(X11INC) $(GTKINC)
LIBS = -L$(X11LIB) -lX11 $(GTKLIB) -lgthread-2.0
# flags
-CPPFLAGS = -DVERSION=\"${VERSION}\" -DWEBEXTDIR=\"${LIBPREFIX}\" -D_DEFAULT_SO…
+CPPFLAGS = -DVERSION=\"${VERSION}\" -DWEBEXTDIR=\"${LIBPREFIX}\" \
+ -D_DEFAULT_SOURCE -DGCR_API_SUBJECT_TO_CHANGE
SURF_CFLAGS = $(INCS) $(CPPFLAGS) $(CFLAGS)
SURF_LDFLAGS = $(LIBS) $(LDFLAGS)
diff --git a/surf.c b/surf.c
t@@ -22,6 +22,7 @@
#include <glib/gstdio.h>
#include <gtk/gtk.h>
#include <gtk/gtkx.h>
+#include <gcr/gcr.h>
#include <JavaScriptCore/JavaScript.h>
#include <webkit2/webkit2.h>
#include <X11/X.h>
t@@ -187,6 +188,9 @@ static GdkFilterReturn processx(GdkXEvent *xevent, GdkEven…
static gboolean winevent(GtkWidget *w, GdkEvent *e, Client *c);
static void showview(WebKitWebView *v, Client *c);
static GtkWidget *createwindow(Client *c);
+static gboolean loadfailedtls(WebKitWebView *v, gchar *uri,
+ GTlsCertificate *cert,
+ GTlsCertificateFlags err, Client *c);
static void loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client *c);
static void progresschanged(WebKitWebView *v, GParamSpec *ps, Client *c);
static void titlechanged(WebKitWebView *view, GParamSpec *ps, Client *c);
t@@ -1070,6 +1074,8 @@ newview(Client *c, WebKitWebView *rv)
G_CALLBACK(decidepolicy), c);
g_signal_connect(G_OBJECT(v), "insecure-content-detected",
G_CALLBACK(insecurecontent), c);
+ g_signal_connect(G_OBJECT(v), "load-failed-with-tls-errors",
+ G_CALLBACK(loadfailedtls), c);
g_signal_connect(G_OBJECT(v), "load-changed",
G_CALLBACK(loadchanged), c);
g_signal_connect(G_OBJECT(v), "mouse-target-changed",
t@@ -1281,6 +1287,51 @@ createwindow(Client *c)
return w;
}
+gboolean
+loadfailedtls(WebKitWebView *v, gchar *uri, GTlsCertificate *cert,
+ GTlsCertificateFlags err, Client *c)
+{
+ GString *errmsg = g_string_new(NULL);
+ gchar *html, *pem;
+
+ c->tlserr = err;
+
+ if (err & G_TLS_CERTIFICATE_UNKNOWN_CA)
+ g_string_append(errmsg,
+ "The signing certificate authority is not known.<br>");
+ if (err & G_TLS_CERTIFICATE_BAD_IDENTITY)
+ g_string_append(errmsg,
+ "The certificate does not match the expected identity "
+ "of the site that it was retrieved from.<br>");
+ if (err & G_TLS_CERTIFICATE_NOT_ACTIVATED)
+ g_string_append(errmsg,
+ "The certificate's activation time "
+ "is still in the future.<br>");
+ if (err & G_TLS_CERTIFICATE_EXPIRED)
+ g_string_append(errmsg, "The certificate has expired.<br>");
+ if (err & G_TLS_CERTIFICATE_REVOKED)
+ g_string_append(errmsg,
+ "The certificate has been revoked according to "
+ "the GTlsConnection's certificate revocation list.<br>");
+ if (err & G_TLS_CERTIFICATE_INSECURE)
+ g_string_append(errmsg,
+ "The certificate's algorithm is considered insecure.<br>");
+ if (err & G_TLS_CERTIFICATE_GENERIC_ERROR)
+ g_string_append(errmsg,
+ "Some error occurred validating the certificate.<br>");
+
+ g_object_get(cert, "certificate-pem", &pem, NULL);
+ html = g_strdup_printf("<p>Could not validate TLS for ā€œ%sā€<br>%s</…
+ "<p><pre>%s</pre><p>", uri, errmsg->str, pem);
+ g_free(pem);
+ g_string_free(errmsg, TRUE);
+
+ webkit_web_view_load_alternate_html(c->view, html, uri, NULL);
+ g_free(html);
+
+ return TRUE;
+}
+
void
loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client *c)
{
You are viewing proxied material from mx1.adamsgaard.dk. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.