Created
July 14, 2015 22:00
-
-
Save barn/a4ac8eda9592e1dd8b07 to your computer and use it in GitHub Desktop.
Patch for mutt 1.5.23 to show more hash fingerprints for unknown certificates.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- a/mutt_ssl.c Sun Jul 05 13:38:39 2015 -0700 | |
| +++ b/mutt_ssl.c Tue Jul 14 19:00:46 2015 +0100 | |
| @@ -551,7 +551,7 @@ | |
| return ret; | |
| } | |
| -static void x509_fingerprint (char *s, int l, X509 * cert) | |
| +static void x509_fingerprint_md5 (char *s, int l, X509 * cert) | |
| { | |
| unsigned char md[EVP_MAX_MD_SIZE]; | |
| unsigned int n; | |
| @@ -572,6 +572,48 @@ | |
| } | |
| } | |
| +static void x509_fingerprint_sha1 (char *s, int l, X509 * cert) | |
| +{ | |
| + unsigned char sha[EVP_MAX_MD_SIZE]; | |
| + unsigned int n; | |
| + int j; | |
| + | |
| + if (!X509_digest (cert, EVP_sha1 (), sha, &n)) | |
| + { | |
| + snprintf (s, l, _("[unable to calculate]")); | |
| + } | |
| + else | |
| + { | |
| + for (j = 0; j < (int) n; j++) | |
| + { | |
| + char ch[16]; | |
| + snprintf (ch, 16, "%02X%s", sha[j], (j % 2 ? " " : "")); | |
| + safe_strcat (s, l, ch); | |
| + } | |
| + } | |
| +} | |
| + | |
| +static void x509_fingerprint_sha2 (char *s, int l, X509 * cert) | |
| +{ | |
| + unsigned char sha[EVP_MAX_MD_SIZE]; | |
| + unsigned int n; | |
| + int j; | |
| + | |
| + if (!X509_digest (cert, EVP_sha256 (), sha, &n)) | |
| + { | |
| + snprintf (s, l, _("[unable to calculate]")); | |
| + } | |
| + else | |
| + { | |
| + for (j = 0; j < (int) n; j++) | |
| + { | |
| + char ch[32]; | |
| + snprintf (ch, 32, "%02X%s", sha[j], (j % 2 ? " " : "")); | |
| + safe_strcat (s, l, ch); | |
| + } | |
| + } | |
| +} | |
| + | |
| static char *asn1time_to_string (ASN1_UTCTIME *tm) | |
| { | |
| static char buf[64]; | |
| @@ -980,7 +1022,7 @@ | |
| dprint (2, (debugfile, "interactive_check_cert: %s\n", cert->name)); | |
| - menu->max = 19; | |
| + menu->max = 21; | |
| menu->dialog = (char **) safe_calloc (1, menu->max * sizeof (char *)); | |
| for (i = 0; i < menu->max; i++) | |
| menu->dialog[i] = (char *) safe_calloc (1, SHORT_STRING * sizeof (char)); | |
| @@ -1018,8 +1060,16 @@ | |
| row++; | |
| buf[0] = '\0'; | |
| - x509_fingerprint (buf, sizeof (buf), cert); | |
| - snprintf (menu->dialog[row++], SHORT_STRING, _("Fingerprint: %s"), buf); | |
| + x509_fingerprint_md5 (buf, sizeof (buf), cert); | |
| + snprintf (menu->dialog[row++], SHORT_STRING, _("MD5 Fingerprint: %s"), buf); | |
| + | |
| + buf[0] = '\0'; | |
| + x509_fingerprint_sha1 (buf, sizeof (buf), cert); | |
| + snprintf (menu->dialog[row++], SHORT_STRING, _("SHA1 Fingerprint: %s"), buf); | |
| + | |
| + buf[0] = '\0'; | |
| + x509_fingerprint_sha2 (buf, sizeof (buf), cert); | |
| + snprintf (menu->dialog[row++], SHORT_STRING, _("SHA2 Fingerprint: %s"), buf); | |
| snprintf (title, sizeof (title), | |
| _("SSL Certificate check (certificate %d of %d in chain)"), |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment