diff options
| author | Troels Henriksen <athas@sigkill.dk> | 2011-11-04 13:23:57 +0100 |
|---|---|---|
| committer | Troels Henriksen <athas@sigkill.dk> | 2011-11-04 13:23:57 +0100 |
| commit | bc73b48743eb0b51905322cad25b4647569e7996 (patch) | |
| tree | 1102d3fb2e1f44b7451b7a2f8017b76032b659b6 /surf.c | |
| parent | Add eval() function for executing Javascript. Handy for keybindings. (diff) | |
| download | surf-bc73b48743eb0b51905322cad25b4647569e7996.tar.gz surf-bc73b48743eb0b51905322cad25b4647569e7996.tar.bz2 surf-bc73b48743eb0b51905322cad25b4647569e7996.zip | |
Add SSL verification patch by Nick White.
Diffstat (limited to 'surf.c')
| -rw-r--r-- | surf.c | 29 |
1 files changed, 26 insertions, 3 deletions
diff --git a/surf.c b/surf.c index 60d1b14..492c836 100644 --- a/surf.c +++ b/surf.c @@ -37,6 +37,7 @@ typedef struct Client { char *title, *linkhover; const char *uri, *needle; gint progress; + gboolean sslfailed; struct Client *next; gboolean zoomed; } Client; @@ -260,8 +261,11 @@ drawindicator(Client *c) { w = c->indicator; width = c->progress * w->allocation.width / 100; gc = gdk_gc_new(w->window); - gdk_color_parse(strstr(uri, "https://") == uri ? - progress_trust : progress, &fg); + if(strstr(uri, "https://") == uri) + gdk_color_parse(c->sslfailed ? + progress_untrust : progress_trust, &fg); + else + gdk_color_parse(progress, &fg); gdk_gc_set_rgb_fg_color(gc, &fg); gdk_draw_rectangle(w->window, w->style->bg_gc[GTK_WIDGET_STATE(w)], @@ -377,9 +381,24 @@ linkhover(WebKitWebView *v, const char* t, const char* l, Client *c) { void loadstatuschange(WebKitWebView *view, GParamSpec *pspec, Client *c) { + WebKitWebFrame *frame; + WebKitWebDataSource *src; + WebKitNetworkRequest *request; + SoupMessage *msg; + char *uri; + switch(webkit_web_view_get_load_status (c->view)) { case WEBKIT_LOAD_COMMITTED: - setatom(c, AtomUri, geturi(c)); + uri = geturi(c); + if(strstr(uri, "https://") == uri) { + frame = webkit_web_view_get_main_frame(c->view); + src = webkit_web_frame_get_data_source(frame); + request = webkit_web_data_source_get_request(src); + msg = webkit_network_request_get_message(request); + c->sslfailed = soup_message_get_flags(msg) + ^ SOUP_MESSAGE_CERTIFICATE_TRUSTED; + } + setatom(c, AtomUri, uri); break; case WEBKIT_LOAD_FINISHED: c->progress = 0; @@ -708,6 +727,10 @@ setup(void) { soup_session_remove_feature_by_type(s, soup_cookie_jar_get_type()); g_signal_connect_after(G_OBJECT(s), "request-started", G_CALLBACK(newrequest), NULL); + /* ssl */ + g_object_set(G_OBJECT(s), "ssl-ca-file", cafile, NULL); + g_object_set(G_OBJECT(s), "ssl-strict", strictssl, NULL); + /* proxy */ if((proxy = getenv("http_proxy")) && strcmp(proxy, "")) { new_proxy = g_strrstr(proxy, "http://") ? g_strdup(proxy) : |