add certificate window handling

2025-01-03 09:44:24 +03:00 · 2018-11-04 10:35:49 +00:00 · 2018-11-04 10:35:49 +00:00 · a2ffbdfd1c
commit a2ffbdfd1c
parent 3ea6fadac2
4 changed files with 133 additions and 16 deletions
--- a/docs/using-monkey.md
+++ b/docs/using-monkey.md
@ -147,6 +147,21 @@ Commands
    This will send a `DESTROY` message back.


+### SSL certificate commands
+
+*   `SSLCERT GO` _%id%_
+
+    Cause a ssl certificate to be accepted and fetch to proceed.
+
+    This will send a `DESTROY` message back.
+
+*   `SSLCERT DESTROY` _%id%_
+
+    Cause a ssl certificate to be rejected and fetch to fail
+
+    This will send a `DESTROY` message back.
+
+
 Responses
 ---------

@ -353,11 +368,14 @@ Responses
    The core asked Monkey to say whether or not a given SSL
    certificate is OK.

-> TODO: Implement the rest of the SSL certificat verification behaviour
+*   `LOGIN DESTROY CWIN` _%id%_
+
+    The given certificate window has been destroyed and should no longer be sent
+    commands otherwise undefined behaviour may ensue.

 ### 401 Login messages

-*   `LOGIN OPEN LWIN` _%id%_ `URL` _%url%_ USER _%str%_ PASSWD _%str%_ `REALM` _%str%_
+*   `LOGIN OPEN LWIN` _%id%_ `URL` _%url%_

    The core asked Monkey to ask for identification for the given URL.

--- a/frontends/monkey/cert.c
+++ b/frontends/monkey/cert.c
@ -18,22 +18,24 @@

 #include <stdlib.h>
 #include <stdio.h>
+#include <string.h>

 #include "utils/ring.h"
 #include "utils/nsurl.h"
+#include "content/urldb.h"

 #include "monkey/output.h"
 #include "monkey/cert.h"

-typedef struct monkey_cert {
+struct monkey_cert {
 	struct monkey_cert *r_next, *r_prev;
 	uint32_t num;
-	char *host; /* Ignore */
 	nserror (*cb)(bool,void*);
-	void *pw;
-} monkey_cert_t;
+	void *cbpw;
+	nsurl *url;
+};

-static monkey_cert_t *cert_ring = NULL;
+static struct monkey_cert *cert_ring = NULL;
 static uint32_t cert_ctr = 0;

 nserror
@ -42,18 +44,106 @@ gui_cert_verify(nsurl *url,
 		unsigned long num, nserror (*cb)(bool proceed, void *pw),
 		void *cbpw)
 {
-	monkey_cert_t *m4t = calloc(sizeof(*m4t), 1);
-	if (m4t == NULL) {
+	struct monkey_cert *mcrt_ctx;
+	
+	mcrt_ctx = calloc(sizeof(*mcrt_ctx), 1);
+	if (mcrt_ctx == NULL) {
 		return NSERROR_NOMEM;
 	}
-	m4t->cb = cb;
-	m4t->pw = cbpw;
-	m4t->num = cert_ctr++;

-	RING_INSERT(cert_ring, m4t);
+	mcrt_ctx->cb = cb;
+	mcrt_ctx->cbpw = cbpw;
+	mcrt_ctx->num = cert_ctr++;
+	mcrt_ctx->url = nsurl_ref(url);
+	
+	RING_INSERT(cert_ring, mcrt_ctx);

 	moutf(MOUT_SSLCERT, "VERIFY CWIN %u URL %s",
-	      m4t->num, nsurl_access(url));
+	      mcrt_ctx->num, nsurl_access(url));

 	return NSERROR_OK;
 }
+
+
+static struct monkey_cert *
+monkey_find_sslcert_by_num(uint32_t sslcert_num)
+{
+	struct monkey_cert *ret = NULL;
+
+	RING_ITERATE_START(struct monkey_cert, cert_ring, c_ring) {
+		if (c_ring->num == sslcert_num) {
+			ret = c_ring;
+			RING_ITERATE_STOP(cert_ring, c_ring);
+		}
+	} RING_ITERATE_END(cert_ring, c_ring);
+
+	return ret;
+}
+
+static void free_sslcert_context(struct monkey_cert *mcrt_ctx) {
+	moutf(MOUT_SSLCERT, "DESTROY CWIN %u", mcrt_ctx->num);
+	RING_REMOVE(cert_ring, mcrt_ctx);
+	if (mcrt_ctx->url) {
+		nsurl_unref(mcrt_ctx->url);
+	}
+	free(mcrt_ctx);
+}
+
+static void
+monkey_sslcert_handle_go(int argc, char **argv)
+{
+	struct monkey_cert *mcrt_ctx;
+
+	if (argc != 3) {
+		moutf(MOUT_ERROR, "SSLCERT GO ARGS BAD");
+		return;
+	}
+
+	mcrt_ctx = monkey_find_sslcert_by_num(atoi(argv[2]));
+	if (mcrt_ctx == NULL) {
+		moutf(MOUT_ERROR, "SSLCERT NUM BAD");
+		return;
+	}
+
+	urldb_set_cert_permissions(mcrt_ctx->url, true);
+
+	mcrt_ctx->cb(true, mcrt_ctx->cbpw);
+
+	free_sslcert_context(mcrt_ctx);
+}
+
+static void
+monkey_sslcert_handle_destroy(int argc, char **argv)
+{
+	struct monkey_cert *mcrt_ctx;
+
+	if (argc != 3) {
+		moutf(MOUT_ERROR, "SSLCERT DESTROY ARGS BAD");
+		return;
+	}
+
+	mcrt_ctx = monkey_find_sslcert_by_num(atoi(argv[2]));
+	if (mcrt_ctx == NULL) {
+		moutf(MOUT_ERROR, "SSLCERT NUM BAD");
+		return;
+	}
+
+	mcrt_ctx->cb(false, mcrt_ctx->cbpw);
+
+	free_sslcert_context(mcrt_ctx);
+}
+
+void
+monkey_sslcert_handle_command(int argc, char **argv)
+{
+	if (argc == 1)
+		return;
+
+	if (strcmp(argv[1], "DESTROY") == 0) {
+		monkey_sslcert_handle_destroy(argc, argv);
+	} else if (strcmp(argv[1], "GO") == 0) {
+		monkey_sslcert_handle_go(argc, argv);
+	} else {
+		moutf(MOUT_ERROR, "SSLCERT COMMAND UNKNOWN %s", argv[1]);
+	}
+}
--- a/frontends/monkey/cert.h
+++ b/frontends/monkey/cert.h
@ -16,8 +16,8 @@
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-#ifndef _NETSURF_MONKEY_CERT_H_
-#define _NETSURF_MONKEY_CERT_H_
+#ifndef NETSURF_MONKEY_CERT_H
+#define NETSURF_MONKEY_CERT_H

 struct ssl_cert_info;

@ -25,4 +25,7 @@ nserror gui_cert_verify(nsurl *url, const struct ssl_cert_info *certs,
                unsigned long num, nserror (*cb)(bool proceed, void *pw),
                void *cbpw);

+
+void monkey_sslcert_handle_command(int argc, char **argv);
+
 #endif
--- a/frontends/monkey/main.c
+++ b/frontends/monkey/main.c
@ -398,6 +398,12 @@ main(int argc, char **argv)
 		die("login handler failed to register");
 	}

+	ret = monkey_register_handler("SSLCERT", monkey_sslcert_handle_command);
+	if (ret != NSERROR_OK) {
+		die("sslcert handler failed to register");
+	}
+	
+
 	moutf(MOUT_GENERIC, "STARTED");
 	monkey_run();