Download as
Browse Code »

Commit 36a2078dc797ad9433be0e2bb4992d4ba539b4b8

Authored by Perry Werneck
1 parent 9e9239aa
Exists in master and in 3 other branches develop, macos, network_module

Refactoring popup engine.

Showing 7 changed files with 196 additions and 173 deletions   Show diff stats
src/include/internals.h
  Diff comments   View file @36a2078
... ... @@ -38,6 +38,7 @@
38 38 #include <lib3270/charset.h>
39 39 #include <lib3270/session.h>
40 40 #include <lib3270/actions.h>
  41 +#include <lib3270/popup.h>
41 42  
42 43 #if defined(HAVE_LIBSSL)
43 44 #include <openssl/ssl.h>
... ... @@ -782,9 +783,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
782 783 typedef struct _ssl_error_message
783 784 {
784 785 int error;
785   - const char * title;
786   - const char * text;
787   - const char * description;
  786 + const char * id; ///< @brief Message identifier.
  787 + const char * title; ///< @brief Title for popup window.
  788 + const char * text; ///< @brief Message text.
  789 + const char * description; ///< @brief Message description.
788 790 #ifdef _WIN32
789 791 DWORD lasterror;
790 792 #endif // _WIN32
... ... @@ -792,11 +794,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
792 794  
793 795 struct ssl_status_msg
794 796 {
  797 + LIB3270_POPUP_HEAD
  798 +
795 799 long id;
796   - LIB3270_NOTIFY icon;
797   - const char * iconName; // Icon name from https://specifications.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html
798   - const char * message;
799   - const char * description;
  800 + const char * iconName; ///< @brief Icon name from https://specifications.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html
800 801 };
801 802  
802 803 LIB3270_INTERNAL int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE *message);
... ...
src/include/lib3270/popup.h
  Diff comments   View file @36a2078
... ... @@ -52,6 +52,23 @@
52 52 LIB3270_NOTIFY_USER ///< @brief Reserved, always the last one.
53 53 } LIB3270_NOTIFY;
54 54  
  55 +
  56 + /**
  57 + * @brief Head for popup descriptors.
  58 + *
  59 + */
  60 + #define LIB3270_POPUP_HEAD \
  61 + const char * name; \
  62 + LIB3270_NOTIFY type; \
  63 + const char * title; \
  64 + const char * summary; \
  65 + const char * body;
  66 +
  67 + typedef struct _lib3270_popup_descriptor
  68 + {
  69 + LIB3270_POPUP_HEAD
  70 + } LIB3270_POPUP_DESCRIPTOR;
  71 +
55 72 LIB3270_EXPORT void lib3270_set_popup_handler(H3270 *session, void (*handler)(H3270 *, LIB3270_NOTIFY, const char *, const char *, const char *, va_list));
56 73  
57 74 /**
... ...
src/ssl/crl.c
  Diff comments   View file @36a2078
... ... @@ -161,6 +161,7 @@ int lib3270_crl_new_from_x509(H3270 *hSession, void *ssl_error, X509 *cert)
161 161  
162 162 if(!dist_points)
163 163 {
  164 + ((SSL_ERROR_MESSAGE *) ssl_error)->id = "NODISTPOINTS";
164 165 ((SSL_ERROR_MESSAGE *) ssl_error)->title = _( "Security error" );
165 166 ((SSL_ERROR_MESSAGE *) ssl_error)->text = _( "Can't verify." );
166 167 ((SSL_ERROR_MESSAGE *) ssl_error)->description = _( "The host certificate doesn't have CRL distribution points" );
... ...
src/ssl/linux/getcrl.c
  Diff comments   View file @36a2078
... ... @@ -52,6 +52,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
52 52 if(!(consturl && *consturl))
53 53 {
54 54 message->error = hSession->ssl.error = 0;
  55 + message->id = "CRLINVURL";
55 56 message->title = _( "Security error" );
56 57 message->text = _( "Can't open CRL File" );
57 58 message->description = _("The URL for the CRL is undefined or empty");
... ... @@ -69,6 +70,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
69 70 int err = errno;
70 71  
71 72 message->error = hSession->ssl.error = 0;
  73 + message->id = "CRLOPEN";
72 74 message->title = _( "Security error" );
73 75 message->text = _( "Can't open CRL File" );
74 76 message->description = strerror(err);
... ... @@ -80,6 +82,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
80 82 trace_ssl(hSession,"Loading CRL from %s\n",consturl+7);
81 83 if(d2i_X509_CRL_fp(hCRL, &x509_crl))
82 84 {
  85 + message->id = "CRLDECODE";
83 86 message->error = hSession->ssl.error = ERR_get_error();
84 87 message->title = _( "Security error" );
85 88 message->text = _( "Can't decode CRL" );
... ...
src/ssl/linux/init.c
  Diff comments   View file @36a2078
... ... @@ -86,6 +86,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message)
86 86 if(ssl_ctx == NULL)
87 87 {
88 88 message->error = hSession->ssl.error = ERR_get_error();
  89 + message->id = "SSLCTXERR";
89 90 message->title = _( "Security error" );
90 91 message->text = _( "Cant initialize the SSL context." );
91 92 return -1;
... ...
src/ssl/negotiate.c
  Diff comments   View file @36a2078
... ... @@ -397,17 +397,17 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
397 397 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
398 398  
399 399 default:
400   - trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->description);
  400 + trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
401 401  
402   - debug("message: %s",msg->message);
403   - debug("description: %s",msg->description);
  402 + debug("message: %s",msg->summary);
  403 + debug("description: %s",msg->body);
404 404  
405   - ((SSL_ERROR_MESSAGE *) message)->text = gettext(msg->message);
406   - ((SSL_ERROR_MESSAGE *) message)->description = gettext(msg->description);
  405 + ((SSL_ERROR_MESSAGE *) message)->text = gettext(msg->summary);
  406 + ((SSL_ERROR_MESSAGE *) message)->description = gettext(msg->body);
407 407  
408 408 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
409 409  
410   - if(msg->icon == LIB3270_NOTIFY_ERROR)
  410 + if(msg->type == LIB3270_NOTIFY_ERROR)
411 411 {
412 412 ((SSL_ERROR_MESSAGE *) message)->title = _( "Security error" );
413 413 return EACCES;
... ...
src/ssl/state.c
  Diff comments   View file @36a2078
... ... @@ -86,259 +86,259 @@ static const struct ssl_status_msg status_msg[] =
86 86 {
87 87 // http://www.openssl.org/docs/apps/verify.html
88 88 {
89   - X509_V_OK,
90   - LIB3270_NOTIFY_SECURE,
91   - "security-high",
92   - N_( "Secure connection was successful." ),
93   - N_( "The connection is secure and the host identity was confirmed." )
  89 + .id = X509_V_OK,
  90 + .type = LIB3270_NOTIFY_SECURE,
  91 + .iconName = "security-high",
  92 + .summary = N_( "Secure connection was successful." ),
  93 + .body = N_( "The connection is secure and the host identity was confirmed." )
94 94 },
95 95  
96 96 {
97   - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
98   - LIB3270_NOTIFY_ERROR,
99   - "dialog-error",
100   - N_( "Unable to get issuer certificate" ),
101   - N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." )
  97 + .id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
  98 + .type = LIB3270_NOTIFY_ERROR,
  99 + .iconName = "dialog-error",
  100 + .summary = N_( "Unable to get issuer certificate" ),
  101 + .body = N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." )
102 102 },
103 103  
104 104 {
105   - X509_V_ERR_UNABLE_TO_GET_CRL,
106   - LIB3270_NOTIFY_ERROR,
107   - "dialog-error",
108   - N_( "Unable to get certificate CRL." ),
109   - N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
  105 + .id = X509_V_ERR_UNABLE_TO_GET_CRL,
  106 + .type = LIB3270_NOTIFY_ERROR,
  107 + .iconName = "dialog-error",
  108 + .summary = N_( "Unable to get certificate CRL." ),
  109 + .body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
110 110 },
111 111  
112 112 {
113   - X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,
114   - LIB3270_NOTIFY_ERROR,
115   - "dialog-error",
116   - N_( "Unable to decrypt certificate's signature" ),
117   - N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." )
  113 + .id = X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,
  114 + .type = LIB3270_NOTIFY_ERROR,
  115 + .iconName = "dialog-error",
  116 + .summary = N_( "Unable to decrypt certificate's signature" ),
  117 + .body = N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." )
118 118 },
119 119  
120 120 {
121   - X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,
122   - LIB3270_NOTIFY_ERROR,
123   - "dialog-error",
124   - N_( "Unable to decrypt CRL's signature" ),
125   - N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." )
  121 + .id = X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,
  122 + .type = LIB3270_NOTIFY_ERROR,
  123 + .iconName = "dialog-error",
  124 + .summary = N_( "Unable to decrypt CRL's signature" ),
  125 + .body = N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." )
126 126 },
127 127  
128 128 {
129   - X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,
130   - LIB3270_NOTIFY_ERROR,
131   - "dialog-error",
132   - N_( "Unable to decode issuer public key" ),
133   - N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." )
  129 + .id = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,
  130 + .type = LIB3270_NOTIFY_ERROR,
  131 + .iconName = "dialog-error",
  132 + .summary = N_( "Unable to decode issuer public key" ),
  133 + .body = N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." )
134 134 },
135 135  
136 136 {
137   - X509_V_ERR_CERT_SIGNATURE_FAILURE,
138   - LIB3270_NOTIFY_ERROR,
139   - "dialog-error",
140   - N_( "Certificate signature failure" ),
141   - N_( "The signature of the certificate is invalid." )
  137 + .id = X509_V_ERR_CERT_SIGNATURE_FAILURE,
  138 + .type = LIB3270_NOTIFY_ERROR,
  139 + .iconName = "dialog-error",
  140 + .summary = N_( "Certificate signature failure" ),
  141 + .body = N_( "The signature of the certificate is invalid." )
142 142 },
143 143  
144 144 {
145   - X509_V_ERR_CRL_SIGNATURE_FAILURE,
146   - LIB3270_NOTIFY_ERROR,
147   - "dialog-error",
148   - N_( "CRL signature failure" ),
149   - N_( "The signature of the certificate is invalid." )
  145 + .id = X509_V_ERR_CRL_SIGNATURE_FAILURE,
  146 + .type = LIB3270_NOTIFY_ERROR,
  147 + .iconName = "dialog-error",
  148 + .summary = N_( "CRL signature failure" ),
  149 + .body = N_( "The signature of the certificate is invalid." )
150 150 },
151 151  
152 152 {
153   - X509_V_ERR_CERT_NOT_YET_VALID,
154   - LIB3270_NOTIFY_WARNING,
155   - "dialog-warning",
156   - N_( "Certificate is not yet valid" ),
157   - N_( "The certificate is not yet valid: the notBefore date is after the current time." )
  153 + .id = X509_V_ERR_CERT_NOT_YET_VALID,
  154 + .type = LIB3270_NOTIFY_WARNING,
  155 + .iconName = "dialog-warning",
  156 + .summary = N_( "Certificate is not yet valid" ),
  157 + .body = N_( "The certificate is not yet valid: the notBefore date is after the current time." )
158 158 },
159 159  
160 160 {
161   - X509_V_ERR_CERT_HAS_EXPIRED,
162   - LIB3270_NOTIFY_ERROR,
163   - "dialog-error",
164   - N_( "Certificate has expired" ),
165   - N_( "The certificate has expired: that is the notAfter date is before the current time." )
  161 + .id = X509_V_ERR_CERT_HAS_EXPIRED,
  162 + .type = LIB3270_NOTIFY_ERROR,
  163 + .iconName = "dialog-error",
  164 + .summary = N_( "Certificate has expired" ),
  165 + .body = N_( "The certificate has expired: that is the notAfter date is before the current time." )
166 166 },
167 167  
168 168 {
169   - X509_V_ERR_CRL_NOT_YET_VALID,
170   - LIB3270_NOTIFY_WARNING,
171   - "dialog-error",
172   - N_( "The CRL is not yet valid." ),
173   - N_( "The Certificate revocation list (CRL) is not yet valid." )
  169 + .id = X509_V_ERR_CRL_NOT_YET_VALID,
  170 + .type = LIB3270_NOTIFY_WARNING,
  171 + .iconName = "dialog-error",
  172 + .summary = N_( "The CRL is not yet valid." ),
  173 + .body = N_( "The Certificate revocation list (CRL) is not yet valid." )
174 174 },
175 175  
176 176 {
177   - X509_V_ERR_CRL_HAS_EXPIRED,
  177 + .id = X509_V_ERR_CRL_HAS_EXPIRED,
178 178 #ifdef SSL_ENABLE_CRL_EXPIRATION_CHECK
179   - LIB3270_NOTIFY_ERROR,
  179 + .type = LIB3270_NOTIFY_ERROR,
180 180 #else
181   - LIB3270_NOTIFY_WARNING,
  181 + .type = LIB3270_NOTIFY_WARNING,
182 182 #endif // SSL_ENABLE_CRL_EXPIRATION_CHECK
183   - "security-medium",
184   - N_( "The CRL has expired." ),
185   - N_( "The Certificate revocation list (CRL) has expired.")
  183 + .iconName = "security-medium",
  184 + .summary = N_( "The CRL has expired." ),
  185 + .body = N_( "The Certificate revocation list (CRL) has expired.")
186 186 },
187 187  
188 188 {
189   - X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,
190   - LIB3270_NOTIFY_ERROR,
191   - "dialog-error",
192   - N_( "Format error in certificate's notBefore field" ),
193   - N_( "The certificate notBefore field contains an invalid time." )
  189 + .id = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,
  190 + .type = LIB3270_NOTIFY_ERROR,
  191 + .iconName = "dialog-error",
  192 + .summary = N_( "Format error in certificate's notBefore field" ),
  193 + .body = N_( "The certificate notBefore field contains an invalid time." )
194 194 },
195 195  
196 196 {
197   - X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,
198   - LIB3270_NOTIFY_ERROR,
199   - "dialog-error",
200   - N_( "Format error in certificate's notAfter field" ),
201   - N_( "The certificate notAfter field contains an invalid time." )
  197 + .id = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,
  198 + .type = LIB3270_NOTIFY_ERROR,
  199 + .iconName = "dialog-error",
  200 + .summary = N_( "Format error in certificate's notAfter field" ),
  201 + .body = N_( "The certificate notAfter field contains an invalid time." )
202 202 },
203 203  
204 204 {
205   - X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,
206   - LIB3270_NOTIFY_ERROR,
207   - "dialog-error",
208   - N_( "Format error in CRL's lastUpdate field" ),
209   - N_( "The CRL lastUpdate field contains an invalid time." )
  205 + .id = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,
  206 + .type = LIB3270_NOTIFY_ERROR,
  207 + .iconName = "dialog-error",
  208 + .summary = N_( "Format error in CRL's lastUpdate field" ),
  209 + .body = N_( "The CRL lastUpdate field contains an invalid time." )
210 210 },
211 211  
212 212 {
213   - X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,
214   - LIB3270_NOTIFY_ERROR,
215   - "dialog-error",
216   - N_( "Format error in CRL's nextUpdate field" ),
217   - N_( "The CRL nextUpdate field contains an invalid time." )
  213 + .id = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,
  214 + .type = LIB3270_NOTIFY_ERROR,
  215 + .iconName = "dialog-error",
  216 + .summary = N_( "Format error in CRL's nextUpdate field" ),
  217 + .body = N_( "The CRL nextUpdate field contains an invalid time." )
218 218 },
219 219  
220 220 {
221   - X509_V_ERR_OUT_OF_MEM,
222   - LIB3270_NOTIFY_ERROR,
223   - "dialog-error",
224   - N_( "Out of memory" ),
225   - N_( "An error occurred trying to allocate memory. This should never happen." )
  221 + .id = X509_V_ERR_OUT_OF_MEM,
  222 + .type = LIB3270_NOTIFY_ERROR,
  223 + .iconName = "dialog-error",
  224 + .summary = N_( "Out of memory" ),
  225 + .body = N_( "An error occurred trying to allocate memory. This should never happen." )
226 226 },
227 227  
228 228 {
229   - X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
230   - LIB3270_NOTIFY_WARNING,
231   - "security-medium",
232   - N_( "Self signed certificate" ),
233   - N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." )
  229 + .id = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
  230 + .type = LIB3270_NOTIFY_WARNING,
  231 + .iconName = "security-medium",
  232 + .summary = N_( "Self signed certificate" ),
  233 + .body = N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." )
234 234 },
235 235  
236 236 {
237   - X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
  237 + .id = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
238 238 #ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK
239   - LIB3270_NOTIFY_ERROR,
  239 + .type = LIB3270_NOTIFY_ERROR,
240 240 #else
241   - LIB3270_NOTIFY_WARNING,
  241 + .type = LIB3270_NOTIFY_WARNING,
242 242 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
243   - "security-medium",
244   - N_( "Self signed certificate in certificate chain" ),
245   - N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." )
  243 + .iconName = "security-medium",
  244 + .summary = N_( "Self signed certificate in certificate chain" ),
  245 + .body = N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." )
246 246 },
247 247  
248 248 {
249   - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
250   - LIB3270_NOTIFY_WARNING,
251   - "security-low",
252   - N_( "Unable to get local issuer certificate" ),
253   - N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." )
  249 + .id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
  250 + .type = LIB3270_NOTIFY_WARNING,
  251 + .iconName = "security-low",
  252 + .summary = N_( "Unable to get local issuer certificate" ),
  253 + .body = N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." )
254 254 },
255 255  
256 256 {
257   - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
258   - LIB3270_NOTIFY_ERROR,
259   - "security-low",
260   - N_( "Unable to verify the first certificate" ),
261   - N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." )
  257 + .id = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
  258 + .type = LIB3270_NOTIFY_ERROR,
  259 + .iconName = "security-low",
  260 + .summary = N_( "Unable to verify the first certificate" ),
  261 + .body = N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." )
262 262 },
263 263  
264 264 {
265   - X509_V_ERR_CERT_REVOKED,
266   - LIB3270_NOTIFY_ERROR,
267   - "security-low",
268   - N_( "Certificate revoked" ),
269   - N_( "The certificate has been revoked." )
  265 + .id = X509_V_ERR_CERT_REVOKED,
  266 + .type = LIB3270_NOTIFY_ERROR,
  267 + .iconName = "security-low",
  268 + .summary = N_( "Certificate revoked" ),
  269 + .body = N_( "The certificate has been revoked." )
270 270 },
271 271  
272 272 {
273   - X509_V_ERR_INVALID_CA,
274   - LIB3270_NOTIFY_ERROR,
275   - "security-low",
276   - N_( "Invalid CA certificate" ),
277   - N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." )
  273 + .id = X509_V_ERR_INVALID_CA,
  274 + .type = LIB3270_NOTIFY_ERROR,
  275 + .iconName = "security-low",
  276 + .summary = N_( "Invalid CA certificate" ),
  277 + .body = N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." )
278 278 },
279 279  
280 280 {
281   - X509_V_ERR_PATH_LENGTH_EXCEEDED,
282   - LIB3270_NOTIFY_ERROR,
283   - "dialog-error",
284   - N_( "Path length constraint exceeded" ),
285   - N_( "The basicConstraints pathlength parameter has been exceeded." ),
  281 + .id = X509_V_ERR_PATH_LENGTH_EXCEEDED,
  282 + .type = LIB3270_NOTIFY_ERROR,
  283 + .iconName = "dialog-error",
  284 + .summary = N_( "Path length constraint exceeded" ),
  285 + .body = N_( "The basicConstraints pathlength parameter has been exceeded." ),
286 286 },
287 287  
288 288 {
289   - X509_V_ERR_INVALID_PURPOSE,
290   - LIB3270_NOTIFY_ERROR,
291   - "dialog-error",
292   - N_( "Unsupported certificate purpose" ),
293   - N_( "The supplied certificate cannot be used for the specified purpose." )
  289 + .id = X509_V_ERR_INVALID_PURPOSE,
  290 + .type = LIB3270_NOTIFY_ERROR,
  291 + .iconName = "dialog-error",
  292 + .summary = N_( "Unsupported certificate purpose" ),
  293 + .body = N_( "The supplied certificate cannot be used for the specified purpose." )
294 294 },
295 295  
296 296 {
297   - X509_V_ERR_CERT_UNTRUSTED,
298   - LIB3270_NOTIFY_WARNING,
299   - "security-low",
300   - N_( "Certificate not trusted" ),
301   - N_( "The root CA is not marked as trusted for the specified purpose." )
  297 + .id = X509_V_ERR_CERT_UNTRUSTED,
  298 + .type = LIB3270_NOTIFY_WARNING,
  299 + .iconName = "security-low",
  300 + .summary = N_( "Certificate not trusted" ),
  301 + .body = N_( "The root CA is not marked as trusted for the specified purpose." )
302 302 },
303 303  
304 304 {
305   - X509_V_ERR_CERT_REJECTED,
306   - LIB3270_NOTIFY_ERROR,
307   - "security-low",
308   - N_( "Certificate rejected" ),
309   - N_( "The root CA is marked to reject the specified purpose." )
  305 + .id = X509_V_ERR_CERT_REJECTED,
  306 + .type = LIB3270_NOTIFY_ERROR,
  307 + .iconName = "security-low",
  308 + .summary = N_( "Certificate rejected" ),
  309 + .body = N_( "The root CA is marked to reject the specified purpose." )
310 310 },
311 311  
312 312 {
313   - X509_V_ERR_SUBJECT_ISSUER_MISMATCH,
314   - LIB3270_NOTIFY_ERROR,
315   - "security-low",
316   - N_( "Subject issuer mismatch" ),
317   - N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." )
  313 + .id = X509_V_ERR_SUBJECT_ISSUER_MISMATCH,
  314 + .type = LIB3270_NOTIFY_ERROR,
  315 + .iconName = "security-low",
  316 + .summary = N_( "Subject issuer mismatch" ),
  317 + .body = N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." )
318 318 },
319 319  
320 320 {
321   - X509_V_ERR_AKID_SKID_MISMATCH,
322   - LIB3270_NOTIFY_ERROR,
323   - "dialog-error",
324   - N_( "Authority and subject key identifier mismatch" ),
325   - N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." )
  321 + .id = X509_V_ERR_AKID_SKID_MISMATCH,
  322 + .type = LIB3270_NOTIFY_ERROR,
  323 + .iconName = "dialog-error",
  324 + .summary = N_( "Authority and subject key identifier mismatch" ),
  325 + .body = N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." )
326 326 },
327 327  
328 328 {
329   - X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,
330   - LIB3270_NOTIFY_ERROR,
331   - "dialog-error",
332   - N_( "Authority and issuer serial number mismatch" ),
333   - N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." )
  329 + .id = X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,
  330 + .type = LIB3270_NOTIFY_ERROR,
  331 + .iconName = "dialog-error",
  332 + .summary = N_( "Authority and issuer serial number mismatch" ),
  333 + .body = N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." )
334 334 },
335 335  
336 336 {
337   - X509_V_ERR_KEYUSAGE_NO_CERTSIGN,
338   - LIB3270_NOTIFY_ERROR,
339   - "dialog-error",
340   - N_( "Key usage does not include certificate signing" ),
341   - N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." )
  337 + .id = X509_V_ERR_KEYUSAGE_NO_CERTSIGN,
  338 + .type = LIB3270_NOTIFY_ERROR,
  339 + .iconName = "dialog-error",
  340 + .summary = N_( "Key usage does not include certificate signing" ),
  341 + .body = N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." )
342 342 }
343 343  
344 344 };
... ... @@ -366,7 +366,7 @@ static const struct ssl_status_msg status_msg[] =
366 366 {
367 367 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
368 368 if(info)
369   - return gettext(info->message);
  369 + return gettext(info->summary);
370 370 }
371 371  
372 372 return _( "The connection is insecure" );
... ... @@ -393,7 +393,7 @@ static const struct ssl_status_msg status_msg[] =
393 393 {
394 394 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
395 395 if(info)
396   - return gettext(info->description);
  396 + return gettext(info->body);
397 397 }
398 398 else
399 399 {
... ... @@ -409,7 +409,7 @@ static const struct ssl_status_msg status_msg[] =
409 409 {
410 410 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
411 411 if(info)
412   - return info->icon;
  412 + return info->type;
413 413 }
414 414  
415 415 return LIB3270_NOTIFY_ERROR;
... ...