Hi all, I noticed that Balsa throws a CRITICAL when I try to view the certification chain of a S/MIME certificate selected in the Identity dialogue. The reason: the fingerprint is not passed to function libbalsa_gpgme_key(). However, this parameter is reserved for the fingerprint of a signature's subkey.
The simple solution: if the passed fingerprint is NULL, use the one of the first subkey. If that one is /still/ NULL, display a message about a probably broken key instead of throwing the CRITICAL. The attached patch is suitable for both the master and gmime3 branches. Opinions? Cheers, Albrecht. --- Patch details: - libbalsa/libbalsa-gpgme-widgets.c: libbalsa_gpgme_key(): fall back to the cert fingerprint for cb smime_show_chain() if the passed one is NULL - libbalsa/x509-cert-widget.c: x509_cert_chain_smime(): display message if the cert fingerprint is NULL, requires a litte refactoring
diff --git a/libbalsa/libbalsa-gpgme-widgets.c b/libbalsa/libbalsa-gpgme-widgets.c
index 70112e80b..964aa4a85 100644
--- a/libbalsa/libbalsa-gpgme-widgets.c
+++ b/libbalsa/libbalsa-gpgme-widgets.c
@@ -162,12 +162,18 @@ libbalsa_gpgme_key(const gpgme_key_t key,
}
if (key->chain_id != NULL) {
GtkWidget *chain_btn;
+ gchar *chain_fpr;
issuer_row = create_key_grid_row(GTK_GRID(issuer_grid), issuer_row, _("Chain ID:"), key->chain_id, FALSE);
/* add button to show the full chain - copy the fingerprint as the key may be unref'ed... */
chain_btn = gtk_button_new_with_label(_("view certificate chain…"));
- g_object_set_data_full(G_OBJECT(chain_btn), "certid", g_strdup(fingerprint), g_free);
+ if (fingerprint != NULL) {
+ chain_fpr = g_strdup(fingerprint);
+ } else {
+ chain_fpr = (key->subkeys != NULL) ? g_strdup(key->subkeys->fpr) : NULL;
+ }
+ g_object_set_data_full(G_OBJECT(chain_btn), "certid", chain_fpr, g_free);
g_signal_connect(chain_btn, "clicked", G_CALLBACK(smime_show_chain), NULL);
gtk_grid_attach(GTK_GRID(issuer_grid), chain_btn, 0, issuer_row, 2, 1);
}
diff --git a/libbalsa/x509-cert-widget.c b/libbalsa/x509-cert-widget.c
index 52aeb748c..9afa60ef0 100644
--- a/libbalsa/x509-cert-widget.c
+++ b/libbalsa/x509-cert-widget.c
@@ -108,28 +108,31 @@ x509_cert_chain_smime(const gchar *fingerprint)
gpgme_ctx_t ctx;
GtkWidget *widget = NULL;
- g_return_val_if_fail(fingerprint != NULL, NULL);
-
- ctx = libbalsa_gpgme_new_with_proto(GPGME_PROTOCOL_CMS, NULL, NULL, NULL);
- if (ctx != NULL) {
- GList *chain = NULL;
- gchar *keyid;
-
- keyid = g_strdup(fingerprint);
- while (keyid != NULL) {
- chain = g_list_prepend(chain, cert_data_smime(ctx, &keyid));
- }
- gpgme_release(ctx);
- if (chain != NULL) {
- if (chain->next != NULL) {
- widget = create_chain_widget(chain);
- } else {
- widget = ((cert_data_t *) chain->data)->widget;
+ if (fingerprint != NULL) {
+ ctx = libbalsa_gpgme_new_with_proto(GPGME_PROTOCOL_CMS, NULL, NULL, NULL);
+ if (ctx != NULL) {
+ GList *chain = NULL;
+ gchar *keyid;
+
+ keyid = g_strdup(fingerprint);
+ while (keyid != NULL) {
+ chain = g_list_prepend(chain, cert_data_smime(ctx, &keyid));
}
- g_list_free_full(chain, (GDestroyNotify) cert_data_free);
- }
+ gpgme_release(ctx);
+ if (chain != NULL) {
+ if (chain->next != NULL) {
+ widget = create_chain_widget(chain);
+ } else {
+ widget = ((cert_data_t *) chain->data)->widget;
+ }
+ g_list_free_full(chain, (GDestroyNotify) cert_data_free);
+ }
+ }
}
+ if (widget == NULL) {
+ widget = gtk_label_new(_("Broken key, cannot identify certificate chain."));
+ }
return widget;
}
pgpCFGmKJLEgx.pgp
Description: PGP signature
_______________________________________________ balsa-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/balsa-list
