advisor.c

来自「支持SSL v2/v3, TLS, PKCS #5, PKCS #7, PKCS」· C语言 代码 · 共 2,020 行 · 第 1/5 页

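#define WARN_LEAVE_SECURE_SPK "warn_leaving_secure"
#define WARN_VIEW_MIXED_SPK "warn_viewing_mixed"
#define WARN_SUBMIT_INSECURE_SPK "warn_submit_insecure"
#define ENCRYPT_MAIL_SPK "mail_encrypt_outgoing_mail"
#define SIGN_MAIL_SPK "mail_crypto_sign_outgoing_mail"
#define SIGN_NEWS_SPK "mail_crypto_sign_outgoing_news"

/* maximum number of pref items that will be sent back to the client */
#define ITEMS_MAX 11

/*
 * Read the HTTP parameter `key` from `req` and convert it to a PRBool.
 *
 * Only the exact strings "true" and "false" are accepted; any other value
 * is rejected with SSM_FAILURE so that a malformed request cannot silently
 * flip a security preference.  A failure from SSM_HTTPParamValue is
 * returned unchanged and *value is left untouched.
 */
static SSMStatus SSMSecurityAdvisor_get_bool_value(HTTPRequest* req,
                                                   char* key, PRBool* value)
{
    SSMStatus rv;
    char* tmpStr = NULL;

    rv = SSM_HTTPParamValue(req, key, &tmpStr);
    if (rv != SSM_SUCCESS) {
        return rv;
    }

    if (PL_strcmp(tmpStr, "true") == 0) {
        *value = PR_TRUE;
    }
    else if (PL_strcmp(tmpStr, "false") == 0) {
        *value = PR_FALSE;
    }
    else {
        SSM_DEBUG("I don't understand the value.\n");
        return SSM_FAILURE;
    }

    return rv;
}

/*
 * Store a boolean pref in `prefs` and append a matching entry to `list`.
 *
 * `list` is the caller's array of ITEMS_MAX elements and *n is the number
 * of slots already used; *n is advanced by one on success.  The key and
 * value strings are PL_strdup copies that the caller frees.
 *
 * Returns SSM_FAILURE without touching `prefs` or `list` when *n is not a
 * valid free slot, otherwise the status of PREF_SetBoolPref.
 */
static SSMStatus ssm_set_pack_bool_pref(PrefSet* prefs, char* key,
                                        PRBool value, SetPrefElement* list,
                                        PRIntn* n)
{
    SSMStatus rv;

    /* never write past the caller's fixed-size list */
    if (*n < 0 || *n >= ITEMS_MAX) {
        return SSM_FAILURE;
    }

    /* set the change to memory */
    rv = PREF_SetBoolPref(prefs, key, value);
    if (rv != PR_SUCCESS) {
        return rv;
    }

    /* pack the change */
    list[*n].key = PL_strdup(key);
    list[*n].type = BOOL_PREF;
    list[*n].value = PL_strdup((value == PR_TRUE) ? "true" : "false");
    (*n)++;

    return rv;
}

/*
 * Apply the preferences submitted in `req` to the control connection's
 * pref set and forward the changed ones to the client as a
 * SSM_SAVE_PREF_EVENT message.
 *
 * All parameters are parsed before anything is committed, so a request
 * with a missing or malformed value changes nothing.  Returns the status
 * of the first failing step, or the status of
 * SSM_HTTPDefaultCommandHandler when everything succeeded.
 */
static SSMStatus
SSMSecurityAdvisorContext_SavePrefs(SSMSecurityAdvisorContext* cx,
                                    HTTPRequest* req)
{
    SSMStatus rv;
    SSMControlConnection* ctrl = NULL;
    PrefSet* prefs = NULL;
    PRBool ssl2on;
    PRBool ssl3on;
    PRBool autoSelect;
    PRBool warnEnterSecure;
    PRBool warnLeaveSecure;
    PRBool warnViewMixed;
    PRBool warnSubmitInsecure;
    PRBool encryptMail;
    PRBool signMail;
    PRBool signNews;
    char* autoStr = NULL;
    char* defaultCert = NULL;
    /* one slot per pref handled below (11 in total); keep ITEMS_MAX in
     * sync when another pref is added
     */
    SetPrefElement list[ITEMS_MAX];
    SetPrefListMessage request;
    PRIntn n = 0;    /* counter */
    int i;
    CMTItem message;

    PR_ASSERT(cx != NULL && cx->super.m_connection != NULL &&
              cx->super.m_connection->m_prefs != NULL);
    ctrl = cx->super.m_connection;
    prefs = ctrl->m_prefs;

    /* retrieve pref values */
    rv = SSMSecurityAdvisor_get_bool_value(req, SSL2_SPK, &ssl2on);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, SSL3_SPK, &ssl3on);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, CLIENT_AUTH_SPK, &autoSelect);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }
    if (autoSelect == PR_TRUE) {
        autoStr = "Select Automatically";
    }
    else {
        autoStr = "Ask Every Time";
    }

    rv = SSM_HTTPParamValue(req, EMAIL_CERT_SPK, &defaultCert);
    /* An empty value means "no default mail cert" and is not an error.
     * defaultCert is tested for NULL first: the lookup may have failed
     * without storing a pointer, and dereferencing it then would crash.
     */
    if (defaultCert != NULL && defaultCert[0] == '\0') {
        defaultCert = NULL;
        rv = SSM_SUCCESS;
    }
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, WARN_ENTER_SECURE_SPK,
                                           &warnEnterSecure);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, WARN_LEAVE_SECURE_SPK,
                                           &warnLeaveSecure);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, WARN_VIEW_MIXED_SPK,
                                           &warnViewMixed);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, WARN_SUBMIT_INSECURE_SPK,
                                           &warnSubmitInsecure);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, ENCRYPT_MAIL_SPK,
                                           &encryptMail);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, SIGN_MAIL_SPK, &signMail);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSMSecurityAdvisor_get_bool_value(req, SIGN_NEWS_SPK, &signNews);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    /* commit the changes */
    /* NOTE(review): the status of each set/pack call below is overwritten
     * by the next one and never checked, so a pref that failed to store is
     * not reported to the caller.
     */
    if (PREF_BoolPrefChanged(prefs, "security.enable_ssl2", ssl2on)) {
        /* value has changed */
        rv = ssm_set_pack_bool_pref(prefs, "security.enable_ssl2", ssl2on,
                                    (SetPrefElement*)list, &n);
        /* Takes effect on the SSL library default immediately.  SSL 2.0
         * is an obsolete protocol, so this request is able to weaken the
         * transport settings -- NOTE(review): confirm that only the local
         * user's own UI can reach this handler.
         */
        SSL_EnableDefault(SSL_ENABLE_SSL2, ssl2on);
    }

    if (PREF_BoolPrefChanged(prefs, "security.enable_ssl3", ssl3on)) {
        rv = ssm_set_pack_bool_pref(prefs, "security.enable_ssl3", ssl3on,
                                    (SetPrefElement*)list, &n);
        SSL_EnableDefault(SSL_ENABLE_SSL3, ssl3on);
    }

    if (PREF_StringPrefChanged(prefs, "security.default_personal_cert",
                               autoStr)) {
        rv = PREF_SetStringPref(prefs, "security.default_personal_cert",
                                autoStr);

        list[n].key = PL_strdup("security.default_personal_cert");
        list[n].type = STRING_PREF;
        list[n].value = PL_strdup(autoStr);
        n++;
    }

    if (PREF_StringPrefChanged(prefs, "security.default_mail_cert",
                               defaultCert)) {
        rv = PREF_SetStringPref(prefs, "security.default_mail_cert",
                                defaultCert);

        list[n].key = PL_strdup("security.default_mail_cert");
        list[n].type = STRING_PREF;
        /* defaultCert is NULL here when the form field was empty */
        list[n].value = PL_strdup(defaultCert);
        n++;
    }

    if (PREF_BoolPrefChanged(prefs, "security.warn_entering_secure",
                             warnEnterSecure)) {
        rv = ssm_set_pack_bool_pref(prefs, "security.warn_entering_secure",
                                    warnEnterSecure, (SetPrefElement*)list,
                                    &n);
    }

    if (PREF_BoolPrefChanged(prefs, "security.warn_leaving_secure",
                             warnLeaveSecure)) {
        rv = ssm_set_pack_bool_pref(prefs, "security.warn_leaving_secure",
                                    warnLeaveSecure, (SetPrefElement*)list,
                                    &n);
    }

    if (PREF_BoolPrefChanged(prefs, "security.warn_viewing_mixed",
                             warnViewMixed)) {
        rv = ssm_set_pack_bool_pref(prefs, "security.warn_viewing_mixed",
                                    warnViewMixed, (SetPrefElement*)list, &n);
    }

    if (PREF_BoolPrefChanged(prefs, "security.warn_submit_insecure",
                             warnSubmitInsecure)) {
        rv = ssm_set_pack_bool_pref(prefs, "security.warn_submit_insecure",
                                    warnSubmitInsecure, (SetPrefElement*)list,
                                    &n);
    }

    if (PREF_BoolPrefChanged(prefs, "mail.encrypt_outgoing_mail",
                             encryptMail)) {
        rv = ssm_set_pack_bool_pref(prefs, "mail.encrypt_outgoing_mail",
                                    encryptMail, (SetPrefElement*)list, &n);
    }

    if (PREF_BoolPrefChanged(prefs, "mail.crypto_sign_outgoing_mail",
                             signMail)) {
        rv = ssm_set_pack_bool_pref(prefs, "mail.crypto_sign_outgoing_mail",
                                    signMail, (SetPrefElement*)list, &n);
    }

    if (PREF_BoolPrefChanged(prefs, "mail.crypto_sign_outgoing_news",
                             signNews)) {
        rv = ssm_set_pack_bool_pref(prefs, "mail.crypto_sign_outgoing_news",
                                    signNews, (SetPrefElement*)list, &n);
    }

    rv = SSM_HTTPDefaultCommandHandler(req);
    if (rv != PR_SUCCESS) {
        goto loser;
    }

    /* finally, send the changes to the plugin so that it can save the
     * changes
     */
    if (n > 0) {
        /* we need to send this event only if prefs changed */
        request.length = n;
        request.list = list;
        message.type = SSM_EVENT_MESSAGE | SSM_SAVE_PREF_EVENT;
        if (CMT_EncodeMessage(SetPrefListMessageTemplate, &message,
                              &request) != CMTSuccess) {
            /* rv still holds the success status of the command handler;
             * report the encoding failure instead of returning success
             */
            rv = SSM_FAILURE;
            goto loser;
        }
        /* send the message through the control out queue */
        SSM_SendQMessage(ctrl->m_controlOutQ, SSM_PRIORITY_NORMAL,
                         message.type, message.len, (char*)message.data,
                         PR_TRUE);
    }

loser:
    /* clean out list; only the first n entries were ever filled in */
    for (i = 0; i < n; i++) {
        if (list[i].key != NULL) {
            PR_Free(list[i].key);
        }
        if (list[i].value != NULL) {
            PR_Free(list[i].value);
        }
    }
    return rv;
}

/*
 * Send the "pkcs12_action_followup" page for a finished PKCS #12 action.
 *
 * The page body is the expanded "pkcs12_action_followup_content" text,
 * formatted with the message stored under `responseKey` and the advisor's
 * resource id.  Returns SSM_SUCCESS once the response has been sent, and
 * a failure status otherwise.
 */
SSMStatus
SSMSecurityAdvisorContext_DoPKCS12Response(SSMSecurityAdvisorContext *advisor,
                                           HTTPRequest *req,
                                           const char  *responseKey)
{
    SSMTextGenContext *cx = NULL;
    SSMStatus rv = SSM_FAILURE;
    char name[256];
    char *page = "pkcs12_action_followup";
    char *type = NULL, *hdrs = NULL, *content = NULL;
    char *alertMessage = NULL, *out = NULL;

    rv = SSMTextGen_NewTopLevelContext(req, &cx);
    if (rv != SSM_SUCCESS) {
        SSM_HTTPReportSpecificError(req, "DoPKCS12Response: Error%d "
                                    "attempting to create textgen context.",
                                    rv);
        goto loser;
    }

    PR_snprintf(name, sizeof(name), "%s_type", page);
    rv = SSM_GetUTF8Text(cx, name, &type);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    PR_snprintf(name, sizeof(name), "%s_content", page);
    rv = SSM_GetAndExpandText(cx, name, &content);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSM_GetUTF8Text(cx, responseKey, &alertMessage);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    /* `content` is used as the format string.
     * NOTE(review): confirm the expanded text can never carry
     * request-supplied data, since any '%' conversion in it is
     * interpreted here.
     */
    out = PR_smprintf(content, alertMessage, advisor->super.m_id);
    if (out == NULL) {
        /* formatting failed; do not hand a NULL body to the sender */
        rv = SSM_FAILURE;
        goto loser;
    }

    rv = SSM_HTTPSendOKHeader(req, hdrs, type);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSM_HTTPSendUTF8String(req, out);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    req->sentResponse = PR_TRUE;
    goto done;

 loser:
    if (rv == SSM_SUCCESS) rv = SSM_FAILURE;
 done:
    if (cx != NULL) {
        SSMTextGen_DestroyContext(cx);
    }
    PR_FREEIF(type);
    PR_FREEIF(hdrs);
    PR_FREEIF(content);
    PR_FREEIF(out);
    PR_FREEIF(alertMessage);
    return rv;
}

/*
 * Send the "pkcs12_restore_success_new_mail" page, formatted with the
 * current "security.default_mail_cert" preference.
 *
 * Returns SSM_SUCCESS once the page has been sent and SSM_FAILURE on any
 * error.  `p12Cxt` is not used.
 */
static SSMStatus
SSMSecurityAdvisorContext_DoNewDefMailReponse(SSMPKCS12Context *p12Cxt,
                                              HTTPRequest      *req)
{
    SSMTextGenContext *cx = NULL;
    char *fmt=NULL, *content=NULL, *defEmailCert=NULL, *expContent=NULL;
    SSMStatus rv;

    rv = SSMTextGen_NewTopLevelContext(req, &cx);
    if (rv != SSM_SUCCESS) {
        SSM_HTTPReportSpecificError(req, "DoNewDefMailReponse: Failed to "
                                         "create new TextGenContext.");
        goto loser;
    }

    rv = SSM_FindUTF8StringInBundles(cx, "pkcs12_restore_success_new_mail",
                                     &fmt);
    if (rv != SSM_SUCCESS || fmt == NULL) {
        goto loser;
    }

    /* NOTE(review): defEmailCert is never freed in this function;
     * presumably the pref set keeps ownership -- confirm against
     * PREF_GetStringPref.
     */
    rv = PREF_GetStringPref(req->ctrlconn->m_prefs,
                            "security.default_mail_cert", &defEmailCert);
    if (rv != SSM_SUCCESS || defEmailCert == NULL) {
        goto loser;
    }

    /* NOTE(review): the pref value is inserted into text that is sent as
     * text/html below and no escaping is visible here -- confirm it is
     * escaped elsewhere or cannot contain markup.
     */
    content = PR_smprintf(fmt, defEmailCert);
    if (content == NULL) {
        goto loser;
    }

    rv = SSMTextGen_SubstituteString(cx, content, &expContent);
    if (rv != SSM_SUCCESS || expContent == NULL) {
        goto loser;
    }

    rv = SSM_HTTPSendOKHeader(req, "", "text/html");
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    rv = SSM_HTTPSendUTF8String(req, expContent);
    if (rv != SSM_SUCCESS) {
        goto loser;
    }

    /* release the text-gen context on success as well; previously it was
     * destroyed only on the error path
     */
    if (cx != NULL) {
        SSMTextGen_DestroyContext(cx);
    }
    PR_Free(expContent);
    PR_Free(content);
    PR_Free(fmt);
    req->sentResponse = PR_TRUE;
    return SSM_SUCCESS;

 loser:
    if (cx != NULL) {
        SSMTextGen_DestroyContext(cx);
    }
    PR_FREEIF(fmt);
    PR_FREEIF(content);
    PR_FREEIF(expContent);
    return SSM_FAILURE;
}

/* return type of the definition that continues on the next line */
SSMStatus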
SSMSecurityAdvisorContext_DoPKCS12Restore(                                              SSMSecurityAdvisorContext *res,                                              HTTPRequest               *req){    SSMStatus           rv;    SSMPKCS12CreateArg  p12Create;    SSMPKCS12Context   *p12Cxt=NULL;    SSMResourceID       rid;    const char         *responseKey;    p12Create.isExportContext = PR_FALSE;
