--- surf.c | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) diff --git a/surf.c b/surf.c index e967672..14de226 100644 --- a/surf.c +++ b/surf.c _AT_@ -69,6 +69,21 @@ typedef struct { SoupCookieJarTextClass parent_class; } CookieJarClass; +typedef struct { + int flag; + char *errstr; +} TlsError; + +static TlsError tlserrors[] = { + { G_TLS_CERTIFICATE_UNKNOWN_CA, "The signing certificate authority is not known." }, + { G_TLS_CERTIFICATE_BAD_IDENTITY, "The certificate does not match the expected identity of the site that it was retrieved from." }, + { G_TLS_CERTIFICATE_NOT_ACTIVATED, "The certificate's activation time is still in the future." }, + { G_TLS_CERTIFICATE_EXPIRED, "The certificate has expired." }, + { G_TLS_CERTIFICATE_REVOKED, "The certificate has been revoked." }, + { G_TLS_CERTIFICATE_INSECURE, "The certificate's algorithm is considered insecure." }, + { G_TLS_CERTIFICATE_GENERIC_ERROR, "A general error occurred validating the certificate." }, +}; + G_DEFINE_TYPE(CookieJar, cookiejar, SOUP_TYPE_COOKIE_JAR_TEXT) static Display *dpy; _AT_@ -630,7 +645,13 @@ loadstatuschange(WebKitWebView *view, GParamSpec *pspec, Client *c) { WebKitWebDataSource *src; WebKitNetworkRequest *request; SoupMessage *msg; + SoupSession *session; + GTlsCertificate *cert; + GTlsCertificateFlags flags; char *uri; + char *cut_uri; + char *s; + int i; switch(webkit_web_view_get_load_status (c->view)) { case WEBKIT_LOAD_COMMITTED: _AT_@ -642,6 +663,28 @@ loadstatuschange(WebKitWebView *view, GParamSpec *pspec, Client *c) { msg = webkit_network_request_get_message(request); c->sslfailed = !(soup_message_get_flags(msg) & SOUP_MESSAGE_CERTIFICATE_TRUSTED); + if(c->sslfailed) { + /* For some reason the https status can't be got from webkit's soup msg, + * so we make a dummy connection to the server's homepage here. */ + cut_uri = g_strdup(uri); + s = cut_uri; + for (i = 0; i < 3; ++i) { + s = strchr(&(s[1]), '/'); + } + s[1] = '\0'; + msg = soup_message_new("HEAD", uri); + soup_message_set_flags(msg, SOUP_MESSAGE_NO_REDIRECT); + session = webkit_get_default_session(); + soup_session_send_message(session, msg); + + soup_message_get_https_status(msg, &cert, &flags); + + for(i = 0; i < LENGTH(tlserrors); i++) { + if(flags & tlserrors[i].flag) { + fprintf(stderr, "%s - %s\n", uri, tlserrors[i].errstr); + } + } + } } setatom(c, AtomUri, uri); break; -- 1.7.10.4 --bg08WKrSYDhXBjb5--Received on Mon Sep 17 2001 - 00:00:00 CEST
This archive was generated by hypermail 2.3.0 : Tue Feb 25 2014 - 20:12:02 CET