PATCH: -p1
To: w3m-dev@mi.med.tohoku.ac.jp
Subject: [w3m-dev 01509] Forward: Bug#79689: No way to view information on SSL certificates
From: Fumitoshi UKAI <ukai@debian.or.jp>
Delivered-To: ukai@ukai.org
Delivered-To: ukai@debian.or.jp
Date: Sat, 16 Dec 2000 04:28:07 +0900
Reply-To: w3m-dev@mi.med.tohoku.ac.jp
Message-Id: <87u2854h88.wl@lichee.ukai.org>
X-ML-Name: w3m-dev
X-Mail-Count: 01509
X-MLServer: fml [fml 3.0]; post only (only members can post)
X-ML-Info: If you have a question, send e-mail with the body "help" (without quotes) to the address w3m-dev-ctl@mi.med.tohoku.ac.jp; help=<mailto:w3m-dev-ctl@mi.med.tohoku.ac.jp?body=help>
User-Agent: Wanderlust/2.2.15 (More Than Words) EMIKO/1.13.9
(Euglena tripteris) FLIM/1.13.2 (Kasanui) APEL/10.2 Emacs/20.7
(i386-debian-linux-gnu) MULE/4.0 (HANANOEN)
Organization: Debian JP Project
Mime-Version: 1.0 (generated by EMIKO 1.13.9 - "Euglena tripteris")
X-Sender: w3m-dev-admin@mi.med.tohoku.ac.jp
[1 <text/plain; ISO-2022-JP (7bit)>]
w3m $B$G(B #define USE_SSL ($B$H$+(B #define USE_SSL_VERIFY )$B$7$?;~$G$b(B
$B8=>u$G$O(B https $B$G$D$J$,$C$F$k$+$I$&$+!"$I$3$H$D$J$,$C$F$+$I$&$+$N(B
$B>pJs$r8+$k$3$H$,$G$-$J$$$N$r$J$s$H$+$7$F$[$7$$$H$$$&%l%]!<%H$G$9!#(B
$B8=%I%-%e%a%s%H$N>pJs$rI=<((B('=')$B$G8+$F$b(B SSL$B$K4X$9$k>ZL@=q>pJs$r(B
$B$_$i$l$J$$$N$O3N$+$KHa$7$$$J$!(B $B$H;W$C$F$$$?$N$G(B $BE,Ev$J%Q%C%A(B
$B$D$/$C$F$_$^$7$?!#(B($B$+$J$j$$$$$+$2$s(B)
--
鵜飼文敏
[2 <message/rfc822 (7bit)>]
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#79689: No way to view information on SSL certificates
From: Richard Braakman <dark@dark.wapit.fi>
Date: Fri, 15 Dec 2000 19:39:16 +0200
Message-Id: <E146ypA-0005Ud-00@dark.wapit.com>
MIME-Version: 1.0
Package: w3m
Version: 0.1.10+0.1.11pre+kokb22-1
Severity: wishlist
When I'm about to submit sensitive information over a https connection,
I would like to inspect the information in the server's SSL certificate,
and ideally also the chain of trust that was used to verify that
certificate. w3m doesn't seem to have a way to do this.
Verifying this information would give me a lot more confidence in the
security of a link.
Richard Braakman
-- System Information
Debian Release: woody
Architecture: i386
Kernel: Linux dark 2.3.49 #1 Tue Mar 7 10:37:21 EET 2000 i686
Versions of packages w3m depends on:
ii libc6 2.2-5 GNU C Library: Shared libraries an
ii libgc5 1:5.0.alpha4-8 Conservative garbage collector for
ii libgpmg1 1.19.3-4 General Purpose Mouse Library [lib
ii libncurses5 5.0-8 Shared libraries for terminal hand
[3 w3m-0.1.11-pre-kokb23-ssl-cert.patch <text/plain; US-ASCII (7bit)>]
diff -Nru w3m-0.1.11-pre/buffer.c w3m-0.1.11-pre-ja/buffer.c
--- w3m-0.1.11-pre/buffer.c Thu Dec 14 01:17:21 2000
+++ w3m-0.1.11-pre-ja/buffer.c Sat Dec 16 03:58:44 2000
@@ -40,6 +40,9 @@
*n->clone = 1;
n->linelen = 0;
n->trbyte = 0;
+#ifdef USE_SSL
+ n->ssl_certificate = NULL;
+#endif
return n;
}
diff -Nru w3m-0.1.11-pre/file.c w3m-0.1.11-pre-ja/file.c
--- w3m-0.1.11-pre/file.c Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/file.c Sat Dec 16 04:17:42 2000
@@ -971,6 +971,13 @@
}
if (t_buf == NULL)
t_buf = newBuffer(INIT_BUFFER_WIDTH);
+#ifdef USE_SSL
+ if (IStype(f.stream) == IST_SSL) {
+ Str s = ssl_get_certificate(f.stream);
+ if (s != NULL)
+ t_buf->ssl_certificate = s->ptr;
+ }
+#endif
readHeader(&f, t_buf, FALSE, &pu);
t = checkContentType(t_buf);
if (t == NULL)
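Review bot: The outer `IStype(f.stream) == IST_SSL` test in the added lines repeats a check that ssl_get_certificate() already performs (it returns NULL for a NULL stream or a non-SSL stream), and if IStype dereferences its argument, the caller-side test runs before that NULL guard can help. The same seven lines are added again in the second file.c hunk (@@ -1214), so both sites could shrink to `Str s = ssl_get_certificate(f.stream);` followed by `if (s != NULL) t_buf->ssl_certificate = s->ptr;`, ideally in one small helper. A comment such as `/* printed peer certificate for the info page; not a verification result */` on the assignment would keep later readers from treating a non-NULL value as proof the certificate was validated. The enclosing function starts and ends outside the hunk.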
@@ -1214,6 +1221,13 @@
t_buf = newBuffer(INIT_BUFFER_WIDTH);
t_buf->bufferprop |= BP_FRAME;
}
+#ifdef USE_SSL
+ if (IStype(f.stream) == IST_SSL) {
+ Str s = ssl_get_certificate(f.stream);
+ if (s != NULL)
+ t_buf->ssl_certificate = s->ptr;
+ }
+#endif
b = loadSomething(&f, pu.file, proc, t_buf);
UFclose(&f);
if (b) {
diff -Nru w3m-0.1.11-pre/fm.h w3m-0.1.11-pre-ja/fm.h
--- w3m-0.1.11-pre/fm.h Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/fm.h Sat Dec 16 03:58:08 2000
@@ -343,6 +343,9 @@
FormItemList *form_submit;
char *savecache;
char *edit;
+#ifdef USE_SSL
+ char *ssl_certificate;
+#endif
} Buffer;
#define NO_BUFFER ((Buffer*)1)
diff -Nru w3m-0.1.11-pre/html.h w3m-0.1.11-pre-ja/html.h
--- w3m-0.1.11-pre/html.h Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/html.h Sat Dec 16 03:54:34 2000
@@ -2,6 +2,8 @@
#ifndef _HTML_H
#define _HTML_H
#ifdef USE_SSL
+#include <bio.h>
+#include <x509.h>
#include <ssl.h>
#endif /* USE_SSL */
diff -Nru w3m-0.1.11-pre/istream.c w3m-0.1.11-pre-ja/istream.c
--- w3m-0.1.11-pre/istream.c Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/istream.c Sat Dec 16 04:19:59 2000
@@ -328,6 +328,33 @@
}
}
+#ifdef USE_SSL
+Str
+ssl_get_certificate(InputStream stream)
+{
+ BIO *bp;
+ X509 *x;
+ char *p;
+ int len;
+ Str s;
+ if (stream == NULL)
+ return NULL;
+ if (IStype(stream) != IST_SSL)
+ return NULL;
+ if (stream->ssl.handle == NULL)
+ return NULL;
+ x = SSL_get_peer_certificate(stream->ssl.handle->ssl);
+ if (x == NULL)
+ return NULL;
+ bp = BIO_new(BIO_s_mem());
+ X509_print(bp, x);
+ len = (int)BIO_ctrl(bp, BIO_CTRL_INFO,0,(char *)&p);
+ s = Strnew_charp_n(p, len);
+ BIO_free_all(bp);
+ return s;
+}
+#endif
+
/* Raw level input stream functions */
static void
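Review bot: ssl_get_certificate() never releases the X509 it obtains: SSL_get_peer_certificate() hands the caller its own reference, so every page load over SSL leaks one certificate object unless `X509_free(x)` is called once printing is done. The result of `BIO_new(BIO_s_mem())` is also used unchecked, so an allocation failure passes NULL into X509_print(), and `p` is read after BIO_ctrl() without ever being initialised. A short header comment saying the function returns the human-readable dump of the peer certificate, or NULL when the stream is not SSL or no certificate was presented, would document the contract the two callers in file.c depend on.

```c
    bp = BIO_new(BIO_s_mem());
    if (bp == NULL) {
	X509_free(x);
	return NULL;
    }
    X509_print(bp, x);
    X509_free(x);		/* drop the reference taken by SSL_get_peer_certificate() */
    p = NULL;
    len = (int)BIO_ctrl(bp, BIO_CTRL_INFO, 0, (char *)&p);
    s = (p != NULL && len > 0) ? Strnew_charp_n(p, len) : NULL;
    /* … unchanged: BIO_free_all(bp); return s; … */
```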
diff -Nru w3m-0.1.11-pre/istream.h w3m-0.1.11-pre-ja/istream.h
--- w3m-0.1.11-pre/istream.h Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/istream.h Sat Dec 16 03:54:52 2000
@@ -4,6 +4,8 @@
#include <stdio.h>
#ifdef USE_SSL
+#include <bio.h>
+#include <x509.h>
#include <ssl.h>
#endif
#include "Str.h"
@@ -121,6 +123,9 @@
extern Str StrmyISgets(InputStream stream);
extern int ISread(InputStream stream, Str buf, int count);
extern int ISfileno(InputStream stream);
+#ifdef USE_SSL
+extern Str ssl_get_certificate(InputStream stream);
+#endif
#define IST_BASIC 0
#define IST_FILE 1
diff -Nru w3m-0.1.11-pre/map.c w3m-0.1.11-pre-ja/map.c
--- w3m-0.1.11-pre/map.c Thu Dec 14 01:17:22 2000
+++ w3m-0.1.11-pre-ja/map.c Sat Dec 16 03:59:50 2000
@@ -179,6 +179,14 @@
append_frame_info(tmp, f_set, 0);
Strcat_charp(tmp, "</pre>");
}
+#ifdef USE_SSL
+ if (buf->ssl_certificate == NULL)
+ goto end;
+ Strcat_charp(tmp, "<h1>SSL certificate</h1>\n");
+ Strcat_charp(tmp, "<pre>\n");
+ Strcat_charp(tmp, buf->ssl_certificate);
+ Strcat_charp(tmp, "</pre>\n");
+#endif
end:
Strcat_charp(tmp, "</body></html>");
return loadHTMLString(tmp);
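Review bot: `Strcat_charp(tmp, buf->ssl_certificate);` appends the certificate dump to the info page's HTML without escaping, and that text is taken from the certificate the remote server presented. Fields such as the subject or issuer name can contain `<`, `>` or `&`, so a certificate could place markup into the very page the user reads to judge the connection. The string should pass through the tree's HTML-quoting routine before it is appended (that helper is not visible in this hunk). The `goto end` on a NULL certificate would also skip anything later added ahead of the `end:` label; wrapping the four appends in `if (buf->ssl_certificate != NULL) { … }` avoids that. The enclosing function starts outside the hunk.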
[4 <text/plain; US-ASCII (7bit)>]