mirror of
https://github.com/weechat/weechat.git
synced 2026-06-12 14:14:48 +02:00
Fix import of certificates created by openssl >= 1.0.0 (bug #30316)
This commit is contained in:
Sebastien Helleu
@@ -1,7 +1,7 @@
|
||||
WeeChat ChangeLog
|
||||
=================
|
||||
Sébastien Helleu <flashcode@flashtux.org>
|
||||
v0.3.3-dev, 2010-07-18
|
||||
v0.3.3-dev, 2010-07-25
|
||||
|
||||
|
||||
Version 0.3.3 (under dev!)
|
||||
@@ -25,6 +25,7 @@ Version 0.3.3 (under dev!)
|
||||
* api: add function "string_expand_home", fix bug with replacement of home in
|
||||
paths
|
||||
* irc: add new option irc.look.nick_color_stop_chars
|
||||
* irc: fix import of certificates created by openssl >= 1.0.0 (bug #30316)
|
||||
* irc: fix display of local SSL certificate when it is sent to server
|
||||
(patch #7218)
|
||||
* irc: improve lag indicator: two colors (counting and finished), update item
|
||||
|
||||
@@ -20,7 +20,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-07-18 17:02+0200\n"
|
||||
"Last-Translator: Jiri Golembiovsky <golemj@gmail.com>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5388,6 +5388,10 @@ msgstr "%sguntls: jméno hosta v certifikátu NODPOVÍDÁ \"%s\""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: posílám jeden certifikát"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: nemůžu číst certifikát \"%s\""
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - informace o certifikátu klienta (%s):"
|
||||
|
||||
@@ -22,7 +22,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-07-19 15:12+0200\n"
|
||||
"Last-Translator: Nils G.\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5574,6 +5574,10 @@ msgstr "%sgnutls: Der Hostname im Zertifikat \"%s\" stimmt NICHT überein."
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: Sende ein Zertifikat"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: Kann das Zertifikat \"%s\" nicht lesen"
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - Client Zertifikate-Information (%s):"
|
||||
|
||||
@@ -21,7 +21,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-06-20 21:24+0200\n"
|
||||
"Last-Translator: Elián Hanisch <lambdae2@gmail.com>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5429,6 +5429,10 @@ msgstr "%sgnutls: el hostname en el certificado NO concuerda con \"%s\""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: enviando un certificado"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: no es posible leer el certificado \"%s\""
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - información del certificado del cliente (%s):"
|
||||
|
||||
@@ -21,8 +21,8 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"PO-Revision-Date: 2010-07-17 21:35+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-07-25 12:52+0200\n"
|
||||
"Last-Translator: Sebastien Helleu <flashcode@flashtux.org>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
"Language: French\n"
|
||||
@@ -5487,6 +5487,10 @@ msgstr "%sgnutls: le nom d'hôte du certificat ne correspond PAS à \"%s\""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: envoi d'un certificat"
|
||||
|
||||
#, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: certificat invalide \"%s\", erreur: %s"
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - info certificat client (%s):"
|
||||
|
||||
@@ -20,7 +20,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-06-20 21:24+0200\n"
|
||||
"Last-Translator: Andras Voroskoi <voroskoi@frugalware.org>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5156,6 +5156,10 @@ msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n"
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "Nem sikerült a(z) \"%s\" naplófájlt írni\n"
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr ""
|
||||
|
||||
@@ -20,7 +20,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: Weechat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-07-19 15:12+0200\n"
|
||||
"Last-Translator: Marco Paolone <marcopaolone@gmail.com>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5448,6 +5448,10 @@ msgstr "%sgnutls: il nome host nel certificato NON coincide \"%s\""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: invio di un certificato"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: impossibile leggere il certificato \"%s\""
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - info sul certificato (%s) del client:"
|
||||
|
||||
@@ -21,7 +21,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-06-20 21:25+0200\n"
|
||||
"Last-Translator: B.J. Stobiecki <bartek@stobiecki.eu>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5407,6 +5407,10 @@ msgstr "%sgnutls: nazwa hosta w certyfikacie NIE pasuje do \"%s\""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "gnutls: wysyłam jeden certyfikat"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "%sgnutls: nie można odczytać certyfikatu \"%s\""
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr " - informacje o certyfikacie klienta (%s):"
|
||||
|
||||
@@ -20,7 +20,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: WeeChat 0.3.3-dev\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: 2010-06-20 21:25+0200\n"
|
||||
"Last-Translator: Pavel Shevchuk <stlwrt@gmail.com>\n"
|
||||
"Language-Team: weechat-dev <weechat-dev@nongnu.org>\n"
|
||||
@@ -5171,6 +5171,10 @@ msgstr "Не могу записать лог-файл \"%s\"\n"
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr "Не могу записать лог-файл \"%s\"\n"
|
||||
|
||||
#, fuzzy, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr "Не могу записать лог-файл \"%s\"\n"
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr ""
|
||||
|
||||
+5
-1
@@ -7,7 +7,7 @@ msgid ""
|
||||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: flashcode@flashtux.org\n"
|
||||
"POT-Creation-Date: 2010-07-19 15:16+0200\n"
|
||||
"POT-Creation-Date: 2010-07-25 12:52+0200\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
@@ -4471,6 +4471,10 @@ msgstr ""
|
||||
msgid "gnutls: sending one certificate"
|
||||
msgstr ""
|
||||
|
||||
#, c-format
|
||||
msgid "%sgnutls: invalid certificate \"%s\", error: %s"
|
||||
msgstr ""
|
||||
|
||||
#, c-format
|
||||
msgid " - client certificate info (%s):"
|
||||
msgstr ""
|
||||
|
||||
@@ -2536,7 +2536,7 @@ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
|
||||
time_t cert_time;
|
||||
char *cert_path0, *cert_path1, *cert_path2, *cert_str, *hostname;
|
||||
const char *weechat_dir;
|
||||
int rc, i, j, hostname_match;
|
||||
int rc, ret, i, j, hostname_match;
|
||||
#if LIBGNUTLS_VERSION_NUMBER >= 0x010706
|
||||
gnutls_datum_t cinfo;
|
||||
int rinfo;
|
||||
@@ -2695,36 +2695,56 @@ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
|
||||
|
||||
/* key */
|
||||
gnutls_x509_privkey_init (&server->tls_cert_key);
|
||||
gnutls_x509_privkey_import (server->tls_cert_key, &filedatum,
|
||||
GNUTLS_X509_FMT_PEM);
|
||||
|
||||
tls_struct.type = GNUTLS_CRT_X509;
|
||||
tls_struct.ncerts = 1;
|
||||
tls_struct.deinit_all = 0;
|
||||
tls_struct.cert.x509 = &server->tls_cert;
|
||||
tls_struct.key.x509 = server->tls_cert_key;
|
||||
#if LIBGNUTLS_VERSION_NUMBER >= 0x010706
|
||||
/* client certificate info */
|
||||
#if LIBGNUTLS_VERSION_NUMBER < 0x020400
|
||||
rinfo = gnutls_x509_crt_print (server->tls_cert,
|
||||
GNUTLS_X509_CRT_ONELINE,
|
||||
&cinfo);
|
||||
#else
|
||||
rinfo = gnutls_x509_crt_print (server->tls_cert,
|
||||
GNUTLS_CRT_PRINT_ONELINE,
|
||||
&cinfo);
|
||||
#endif
|
||||
if (rinfo == 0)
|
||||
ret = gnutls_x509_privkey_import (server->tls_cert_key,
|
||||
&filedatum,
|
||||
GNUTLS_X509_FMT_PEM);
|
||||
if (ret < 0)
|
||||
{
|
||||
ret = gnutls_x509_privkey_import_pkcs8 (server->tls_cert_key,
|
||||
&filedatum,
|
||||
GNUTLS_X509_FMT_PEM,
|
||||
NULL,
|
||||
GNUTLS_PKCS_PLAIN);
|
||||
}
|
||||
if (ret < 0)
|
||||
{
|
||||
weechat_printf (server->buffer,
|
||||
_(" - client certificate info (%s):"),
|
||||
cert_path2);
|
||||
weechat_printf (server->buffer, " - %s", cinfo.data);
|
||||
gnutls_free (cinfo.data);
|
||||
_("%sgnutls: invalid certificate \"%s\", "
|
||||
"error: %s"),
|
||||
weechat_prefix ("error"), cert_path2,
|
||||
gnutls_strerror (ret));
|
||||
rc = -1;
|
||||
}
|
||||
else
|
||||
{
|
||||
tls_struct.type = GNUTLS_CRT_X509;
|
||||
tls_struct.ncerts = 1;
|
||||
tls_struct.deinit_all = 0;
|
||||
tls_struct.cert.x509 = &server->tls_cert;
|
||||
tls_struct.key.x509 = server->tls_cert_key;
|
||||
#if LIBGNUTLS_VERSION_NUMBER >= 0x010706
|
||||
/* client certificate info */
|
||||
#if LIBGNUTLS_VERSION_NUMBER < 0x020400
|
||||
rinfo = gnutls_x509_crt_print (server->tls_cert,
|
||||
GNUTLS_X509_CRT_ONELINE,
|
||||
&cinfo);
|
||||
#else
|
||||
rinfo = gnutls_x509_crt_print (server->tls_cert,
|
||||
GNUTLS_CRT_PRINT_ONELINE,
|
||||
&cinfo);
|
||||
#endif
|
||||
memcpy (answer, &tls_struct, sizeof (gnutls_retr_st));
|
||||
free (cert_str);
|
||||
if (rinfo == 0)
|
||||
{
|
||||
weechat_printf (server->buffer,
|
||||
_(" - client certificate info (%s):"),
|
||||
cert_path2);
|
||||
weechat_printf (server->buffer, " - %s", cinfo.data);
|
||||
gnutls_free (cinfo.data);
|
||||
}
|
||||
#endif
|
||||
memcpy (answer, &tls_struct, sizeof (gnutls_retr_st));
|
||||
free (cert_str);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user