Add support for using custom certificates per url
This commit is contained in:
parent
eb32dd6eca
commit
3c2c0a6525
11
config.def.h
11
config.def.h
|
@ -3,12 +3,14 @@ static int surfuseragent = 1; /* Append Surf version to default WebKit user
|
||||||
static char *fulluseragent = ""; /* Or override the whole user agent string */
|
static char *fulluseragent = ""; /* Or override the whole user agent string */
|
||||||
static char *scriptfile = "~/.surf/script.js";
|
static char *scriptfile = "~/.surf/script.js";
|
||||||
static char *styledir = "~/.surf/styles/";
|
static char *styledir = "~/.surf/styles/";
|
||||||
|
static char *certdir = "~/.surf/certificates/";
|
||||||
static char *cachedir = "~/.surf/cache/";
|
static char *cachedir = "~/.surf/cache/";
|
||||||
static char *cookiefile = "~/.surf/cookies.txt";
|
static char *cookiefile = "~/.surf/cookies.txt";
|
||||||
|
|
||||||
/* Webkit default features */
|
/* Webkit default features */
|
||||||
static Parameter defconfig[ParameterLast] = {
|
static Parameter defconfig[ParameterLast] = {
|
||||||
SETB(AcceleratedCanvas, 1),
|
SETB(AcceleratedCanvas, 1),
|
||||||
|
SETB(Certificate, 0),
|
||||||
SETB(CaretBrowsing, 0),
|
SETB(CaretBrowsing, 0),
|
||||||
SETV(CookiePolicies, "@Aa"),
|
SETV(CookiePolicies, "@Aa"),
|
||||||
SETB(DiskCache, 1),
|
SETB(DiskCache, 1),
|
||||||
|
@ -95,6 +97,15 @@ static SiteSpecific styles[] = {
|
||||||
{ ".*", "default.css" },
|
{ ".*", "default.css" },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/* certificates */
|
||||||
|
/*
|
||||||
|
* Provide custom certificate for urls
|
||||||
|
*/
|
||||||
|
static SiteSpecific certs[] = {
|
||||||
|
/* regexp file in $certdir */
|
||||||
|
{ "://suckless\\.org/", "suckless.org.crt" },
|
||||||
|
};
|
||||||
|
|
||||||
#define MODKEY GDK_CONTROL_MASK
|
#define MODKEY GDK_CONTROL_MASK
|
||||||
|
|
||||||
/* hotkeys */
|
/* hotkeys */
|
||||||
|
|
55
surf.c
55
surf.c
|
@ -60,6 +60,7 @@ enum {
|
||||||
typedef enum {
|
typedef enum {
|
||||||
AcceleratedCanvas,
|
AcceleratedCanvas,
|
||||||
CaretBrowsing,
|
CaretBrowsing,
|
||||||
|
Certificate,
|
||||||
CookiePolicies,
|
CookiePolicies,
|
||||||
DiskCache,
|
DiskCache,
|
||||||
DNSPrefetch,
|
DNSPrefetch,
|
||||||
|
@ -162,6 +163,8 @@ static WebKitCookieAcceptPolicy cookiepolicy_get(void);
|
||||||
static char cookiepolicy_set(const WebKitCookieAcceptPolicy p);
|
static char cookiepolicy_set(const WebKitCookieAcceptPolicy p);
|
||||||
static void seturiparameters(Client *c, const char *uri);
|
static void seturiparameters(Client *c, const char *uri);
|
||||||
static void setparameter(Client *c, int refresh, ParamName p, const Arg *a);
|
static void setparameter(Client *c, int refresh, ParamName p, const Arg *a);
|
||||||
|
static const char *getcert(const char *uri);
|
||||||
|
static void setcert(Client *c, const char *file);
|
||||||
static const char *getstyle(const char *uri);
|
static const char *getstyle(const char *uri);
|
||||||
static void setstyle(Client *c, const char *file);
|
static void setstyle(Client *c, const char *file);
|
||||||
static void runscript(Client *c);
|
static void runscript(Client *c);
|
||||||
|
@ -291,9 +294,19 @@ setup(void)
|
||||||
cookiefile = buildfile(cookiefile);
|
cookiefile = buildfile(cookiefile);
|
||||||
scriptfile = buildfile(scriptfile);
|
scriptfile = buildfile(scriptfile);
|
||||||
cachedir = buildpath(cachedir);
|
cachedir = buildpath(cachedir);
|
||||||
|
certdir = buildpath(certdir);
|
||||||
|
|
||||||
gdkkb = gdk_seat_get_keyboard(gdk_display_get_default_seat(gdpy));
|
gdkkb = gdk_seat_get_keyboard(gdk_display_get_default_seat(gdpy));
|
||||||
|
|
||||||
|
for (i = 0; i < LENGTH(certs); ++i) {
|
||||||
|
if (regcomp(&(certs[i].re), certs[i].regex, REG_EXTENDED)) {
|
||||||
|
fprintf(stderr, "Could not compile regex: %s\n",
|
||||||
|
certs[i].regex);
|
||||||
|
certs[i].regex = NULL;
|
||||||
|
}
|
||||||
|
certs[i].file = g_strconcat(certdir, "/", certs[i].file, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
if (!stylefile) {
|
if (!stylefile) {
|
||||||
styledir = buildpath(styledir);
|
styledir = buildpath(styledir);
|
||||||
for (i = 0; i < LENGTH(styles); ++i) {
|
for (i = 0; i < LENGTH(styles); ++i) {
|
||||||
|
@ -642,6 +655,10 @@ setparameter(Client *c, int refresh, ParamName p, const Arg *a)
|
||||||
webkit_settings_set_enable_caret_browsing(s, a->b);
|
webkit_settings_set_enable_caret_browsing(s, a->b);
|
||||||
refresh = 0;
|
refresh = 0;
|
||||||
break;
|
break;
|
||||||
|
case Certificate:
|
||||||
|
if (a->b)
|
||||||
|
setcert(c, geturi(c));
|
||||||
|
return; /* do not update */
|
||||||
case CookiePolicies:
|
case CookiePolicies:
|
||||||
webkit_cookie_manager_set_accept_policy(
|
webkit_cookie_manager_set_accept_policy(
|
||||||
webkit_web_context_get_cookie_manager(
|
webkit_web_context_get_cookie_manager(
|
||||||
|
@ -737,6 +754,44 @@ setparameter(Client *c, int refresh, ParamName p, const Arg *a)
|
||||||
reload(c, a);
|
reload(c, a);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *
|
||||||
|
getcert(const char *uri)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
|
||||||
|
for (i = 0; i < LENGTH(certs); ++i) {
|
||||||
|
if (certs[i].regex &&
|
||||||
|
!regexec(&(certs[i].re), uri, 0, NULL, 0))
|
||||||
|
return certs[i].file;
|
||||||
|
}
|
||||||
|
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
|
void
|
||||||
|
setcert(Client *c, const char *uri)
|
||||||
|
{
|
||||||
|
const char *file = getcert(uri);
|
||||||
|
char *host;
|
||||||
|
GTlsCertificate *cert;
|
||||||
|
|
||||||
|
if (!file)
|
||||||
|
return;
|
||||||
|
|
||||||
|
if (!(cert = g_tls_certificate_new_from_file(file, NULL))) {
|
||||||
|
fprintf(stderr, "Could not read certificate file: %s\n", file);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
uri = strstr(uri, "://") + sizeof("://") - 1;
|
||||||
|
host = strndup(uri, strstr(uri, "/") - uri);
|
||||||
|
|
||||||
|
webkit_web_context_allow_tls_certificate_for_host(
|
||||||
|
webkit_web_view_get_context(c->view), cert, host);
|
||||||
|
|
||||||
|
free(host);
|
||||||
|
}
|
||||||
|
|
||||||
const char *
|
const char *
|
||||||
getstyle(const char *uri)
|
getstyle(const char *uri)
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue
Block a user