From 482507aff7b24e7b8aabf57f7b4ef0389f08515f Mon Sep 17 00:00:00 2001
From: Jeffrey Stedfast <fejj@src.gnome.org>
Date: Wed, 2 Jan 2002 21:32:31 +0000
Subject: so my guess is that mutt probably doesn't compile since we don't
 compile using the functions that mutt uses.

this is why I love libnss.

svn path=/trunk/; revision=15229
---
 camel/camel-tcp-stream-ssl.c | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

(limited to 'camel')

diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 50e6aed152..b63586ac9c 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -41,7 +41,10 @@
 #include <cert.h>
 #include <certdb.h>
 #include <pk11func.h>
-#include <sechash.h>
+
+/* this is commented because otherwise we get an error about the
+   redefinition of MD5Context...yay */
+/*#include <e-util/md5-utils.h>*/
 
 #include "camel-tcp-stream-ssl.h"
 #include "camel-session.h"
@@ -403,10 +406,10 @@ static SECStatus
 ssl_bad_cert (void *data, PRFileDesc *sockfd)
 {
 	unsigned char md5sum[16], fingerprint[40], *f;
-	CERTCertificate *cert, *issuer;
 	gboolean accept, valid_cert;
 	char *prompt, *cert_str;
 	CamelTcpStreamSSL *ssl;
+	CERTCertificate *cert;
 	CamelService *service;
 	int i;
 	
@@ -423,13 +426,14 @@ ssl_bad_cert (void *data, PRFileDesc *sockfd)
 	cert = SSL_PeerCertificate (sockfd);
 	
 	/* calculate the MD5 hash of the raw certificate */
-	/*md5_get_digest (cert->derCert.data, cert->derCert.len, md5sum);*/
-	HASH_HashBuf (HASH_AlgMD5, md5sum, cert->derCert.data, cert->derCert.len);
+	md5_get_digest (cert->derCert.data, cert->derCert.len, md5sum);
+	/*HASH_HashBuf (HASH_AlgMD5, md5sum, cert->derCert.data, cert->derCert.len);*/
 	for (i = 0, f = fingerprint; i < 16; i++, f += 3)
 		sprintf (f, "%.2x%c", md5sum[i], i != 15 ? ':' : '\0');
 	
-	issuer = CERT_FindCertByName (CERT_GetDefaultCertDB (), &cert->derIssuer);
-	valid_cert = issuer && CERT_VerifySignedData (&cert->signatureWrap, issuer, PR_Now (), NULL);
+	valid_cert = CERT_VerifyCertNow (CERT_GetDefaultCertDB (), cert, TRUE, certUsageSSLClient, NULL);
+	/*issuer = CERT_FindCertByName (CERT_GetDefaultCertDB (), &cert->derIssuer);
+	  valid_cert = issuer && CERT_VerifySignedData (&cert->signatureWrap, issuer, PR_Now (), NULL);*/
 	
 	cert_str = g_strdup_printf (_("Issuer:            %s\n"
 				      "Subject:           %s\n"
-- 
cgit v1.2.3