 |
Add a keybinding to show current TLS certificate - surf - surf browser, a WebKi… |
 |
git clone git://git.suckless.org/surf |
 |
Log |
|
Files |
|
Refs |
|
README |
|
LICENSE |
|
--- |
|
commit 9eda6f5dd556552c29dd43095dd5a9bf026a8a5f |
|
parent 1dc3cd513a75570cc2fc33a86d4af565ecf9255e |
|
Author: Quentin Rameau <[email protected]> |
|
Date: Sat, 29 Apr 2017 14:56:02 +0200 |
|
|
|
Add a keybinding to show current TLS certificate |
|
|
|
Diffstat: |
|
M config.def.h | 1 + |
|
M surf.1 | 3 +++ |
|
M surf.c | 41 ++++++++++++++++++++++++++++-… |
|
|
|
3 files changed, 42 insertions(+), 3 deletions(-) |
|
--- |
|
diff --git a/config.def.h b/config.def.h |
|
@@ -152,6 +152,7 @@ static Key keys[] = { |
|
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_n, find, { .i = -1 } }, |
|
|
|
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_p, print, { 0 } }, |
|
+ { MODKEY, GDK_KEY_x, showcert, { 0 } }, |
|
|
|
{ MODKEY|GDK_SHIFT_MASK, GDK_KEY_a, togglecookiepolicy, { 0 } }, |
|
{ 0, GDK_KEY_F11, togglefullscreen, { 0 } }, |
|
diff --git a/surf.1 b/surf.1 |
|
@@ -198,6 +198,9 @@ Copies current URI to primary selection. |
|
.B Ctrl\-o |
|
Show the sourcecode of the current page. |
|
.TP |
|
+.B Ctrl\-x |
|
+Display the current TLS certificate in a popup window. |
|
+.TP |
|
.B Ctrl\-Shift\-a |
|
Toggle through the the |
|
.I cookie policies. |
|
diff --git a/surf.c b/surf.c |
|
@@ -5,6 +5,7 @@ |
|
#include <sys/file.h> |
|
#include <sys/types.h> |
|
#include <sys/wait.h> |
|
+#include <glib.h> |
|
#include <libgen.h> |
|
#include <limits.h> |
|
#include <pwd.h> |
|
@@ -106,9 +107,10 @@ typedef struct Client { |
|
WebKitWebInspector *inspector; |
|
WebKitFindController *finder; |
|
WebKitHitTestResult *mousepos; |
|
+ GTlsCertificate *cert, *failedcert; |
|
GTlsCertificateFlags tlserr; |
|
Window xid; |
|
- int progress, fullscreen, https, insecure; |
|
+ int progress, fullscreen, https, insecure, errorpage; |
|
const char *title, *overtitle, *targeturi; |
|
const char *needle; |
|
struct Client *next; |
|
@@ -216,6 +218,7 @@ static void destroywin(GtkWidget* w, Client *c); |
|
static void pasteuri(GtkClipboard *clipboard, const char *text, gpointer d); |
|
static void reload(Client *c, const Arg *a); |
|
static void print(Client *c, const Arg *a); |
|
+static void showcert(Client *c, const Arg *a); |
|
static void clipboard(Client *c, const Arg *a); |
|
static void zoom(Client *c, const Arg *a); |
|
static void scroll(Client *c, const Arg *a); |
|
@@ -1294,7 +1297,9 @@ loadfailedtls(WebKitWebView *v, gchar *uri, GTlsCertifica… |
|
GString *errmsg = g_string_new(NULL); |
|
gchar *html, *pem; |
|
|
|
+ c->failedcert = g_object_ref(cert); |
|
c->tlserr = err; |
|
+ c->errorpage = 1; |
|
|
|
if (err & G_TLS_CERTIFICATE_UNKNOWN_CA) |
|
g_string_append(errmsg, |
|
@@ -1322,7 +1327,9 @@ loadfailedtls(WebKitWebView *v, gchar *uri, GTlsCertifica… |
|
|
|
g_object_get(cert, "certificate-pem", &pem, NULL); |
|
html = g_strdup_printf("<p>Could not validate TLS for ā%sā<br>%s</… |
|
- "<p><pre>%s</pre><p>", uri, errmsg->str, pem); |
|
+ "<p>You can inspect the following certificate " |
|
+ "with Ctrl+Shift+x (default keybinding).</p>" |
|
+ "<p><pre>%s</pre></p>", uri, errmsg->str, pem); |
|
g_free(pem); |
|
g_string_free(errmsg, TRUE); |
|
|
|
@@ -1344,6 +1351,10 @@ loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client … |
|
c->title = title; |
|
c->https = c->insecure = 0; |
|
seturiparameters(c, geturi(c)); |
|
+ if (c->errorpage) |
|
+ c->errorpage = 0; |
|
+ else |
|
+ g_clear_object(&c->failedcert); |
|
break; |
|
case WEBKIT_LOAD_REDIRECTED: |
|
setatom(c, AtomUri, title); |
|
@@ -1351,7 +1362,7 @@ loadchanged(WebKitWebView *v, WebKitLoadEvent e, Client *… |
|
seturiparameters(c, geturi(c)); |
|
break; |
|
case WEBKIT_LOAD_COMMITTED: |
|
- c->https = webkit_web_view_get_tls_info(c->view, NULL, |
|
+ c->https = webkit_web_view_get_tls_info(c->view, &c->cert, |
|
&c->tlserr); |
|
break; |
|
case WEBKIT_LOAD_FINISHED: |
|
@@ -1605,6 +1616,30 @@ print(Client *c, const Arg *a) |
|
} |
|
|
|
void |
|
+showcert(Client *c, const Arg *a) |
|
+{ |
|
+ GTlsCertificate *cert = c->failedcert ? c->failedcert : c->cert; |
|
+ GcrCertificate *gcrt; |
|
+ GByteArray *crt; |
|
+ GtkWidget *win; |
|
+ GcrCertificateWidget *wcert; |
|
+ |
|
+ if (!cert) |
|
+ return; |
|
+ |
|
+ g_object_get(cert, "certificate", &crt, NULL); |
|
+ gcrt = gcr_simple_certificate_new(crt->data, crt->len); |
|
+ g_byte_array_unref(crt); |
|
+ |
|
+ win = gtk_window_new(GTK_WINDOW_TOPLEVEL); |
|
+ wcert = gcr_certificate_widget_new(gcrt); |
|
+ g_object_unref(gcrt); |
|
+ |
|
+ gtk_container_add(GTK_CONTAINER(win), GTK_WIDGET(wcert)); |
|
+ gtk_widget_show_all(win); |
|
+} |
|
+ |
|
+void |
|
clipboard(Client *c, const Arg *a) |
|
{ |
|
if (a->b) { /* load clipboard uri */ |
