From e1d2e58570d620f25425e8f1c01131a426d9818e Mon Sep 17 00:00:00 2001
From: Paweł Zuzelski <pawelz@pld-linux.org>
Date: Mon, 21 Jun 2010 17:40:28 +0200
Subject: ssl certs verification

Introduced config variables:
  (string) ssl_ca_file
     (int) ssl_verify
ssl_ca_file is openssl-style CAfile containing trusted root certificates.
ssl_verify value controls whether to verify remote certs. If it is set to
non-zero, uzbl won't connect to remote https site unless it validates cert.
---
 src/uzbl-core.h |  6 ++++++
 src/variables.c | 27 +++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)

(limited to 'src')

diff --git a/src/uzbl-core.h b/src/uzbl-core.h
index aa88feb..c0d7583 100644
--- a/src/uzbl-core.h
+++ b/src/uzbl-core.h
@@ -130,6 +130,11 @@ typedef struct {
     gint            max_conns_host;
 } Network;
 
+/* ssl */
+typedef struct {
+    gchar *ca_file;
+    gchar *verify_cert;
+} Ssl;
 
 /* Behaviour */
 typedef struct {
@@ -185,6 +190,7 @@ typedef struct {
     GUI           gui;
     State         state;
     Network       net;
+    Ssl           ssl;
     Behaviour     behave;
     Communication comm;
     Info          info;
diff --git a/src/variables.c b/src/variables.c
index 7158faa..2d952ac 100644
--- a/src/variables.c
+++ b/src/variables.c
@@ -371,6 +371,30 @@ set_http_debug(int debug) {
             SOUP_SESSION_FEATURE(uzbl.net.soup_logger));
 }
 
+void
+set_ca_file(gchar *path) {
+    g_object_set (uzbl.net.soup_session, "ssl-ca-file", path, NULL);
+}
+
+gchar *
+get_ca_file() {
+    gchar *path;
+    g_object_get (uzbl.net.soup_session, "ssl-ca-file", &path, NULL);
+    return path;
+}
+
+void
+set_verify_cert(int strict) {
+    g_object_set (uzbl.net.soup_session, "ssl-strict", strict, NULL);
+}
+
+int
+get_verify_cert() {
+    int strict;
+    g_object_get (uzbl.net.soup_session, "ssl-strict", &strict, NULL);
+    return strict;
+}
+
 #define EXPOSE_WEBKIT_VIEW_SETTINGS(SYM, PROPERTY, TYPE) \
 void set_##SYM(TYPE val) { \
   g_object_set(view_settings(), (PROPERTY), val, NULL); \
@@ -742,6 +766,9 @@ const struct var_name_to_ptr_t {
 
     { "view_source",            PTR_V_INT(uzbl.behave.view_source,              0,   set_view_source)},
 
+    { "ssl_ca_file",            PTR_V_STR_GETSET(ca_file)},
+    { "ssl_verify",             PTR_V_INT_GETSET(verify_cert)},
+
     /* exported WebKitWebSettings properties */
     { "javascript_windows",     PTR_V_INT_GETSET(javascript_windows)},
     { "zoom_level",             PTR_V_FLOAT_GETSET(zoom_level)},
-- 
cgit v1.2.3