Download as
Browse Code »

Commit 36a2078dc797ad9433be0e2bb4992d4ba539b4b8

Authored by Perry Werneck
1 parent 9e9239aa
Exists in master and in 3 other branches develop, macos, network_module

Refactoring popup engine.

Showing 7 changed files with 196 additions and 173 deletions   Show diff stats
src/include/internals.h
  Diff comments   View file @36a2078
@@ -38,6 +38,7 @@ @@ -38,6 +38,7 @@
38 #include <lib3270/charset.h> 38 #include <lib3270/charset.h>
39 #include <lib3270/session.h> 39 #include <lib3270/session.h>
40 #include <lib3270/actions.h> 40 #include <lib3270/actions.h>
  41 +#include <lib3270/popup.h>
41 42
42 #if defined(HAVE_LIBSSL) 43 #if defined(HAVE_LIBSSL)
43 #include <openssl/ssl.h> 44 #include <openssl/ssl.h>
@@ -782,9 +783,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on); @@ -782,9 +783,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
782 typedef struct _ssl_error_message 783 typedef struct _ssl_error_message
783 { 784 {
784 int error; 785 int error;
785 - const char * title;  
786 - const char * text;  
787 - const char * description; 786 + const char * id; ///< @brief Message identifier.
  787 + const char * title; ///< @brief Title for popup window.
  788 + const char * text; ///< @brief Message text.
  789 + const char * description; ///< @brief Message description.
788 #ifdef _WIN32 790 #ifdef _WIN32
789 DWORD lasterror; 791 DWORD lasterror;
790 #endif // _WIN32 792 #endif // _WIN32
@@ -792,11 +794,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on); @@ -792,11 +794,10 @@ LIB3270_INTERNAL int non_blocking(H3270 *session, Boolean on);
792 794
793 struct ssl_status_msg 795 struct ssl_status_msg
794 { 796 {
  797 + LIB3270_POPUP_HEAD
  798 +
795 long id; 799 long id;
796 - LIB3270_NOTIFY icon;  
797 - const char * iconName; // Icon name from https://specifications.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html  
798 - const char * message;  
799 - const char * description; 800 + const char * iconName; ///< @brief Icon name from https://specifications.freedesktop.org/icon-naming-spec/icon-naming-spec-latest.html
800 }; 801 };
801 802
802 LIB3270_INTERNAL int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE *message); 803 LIB3270_INTERNAL int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE *message);
src/include/lib3270/popup.h
  Diff comments   View file @36a2078
@@ -52,6 +52,23 @@ @@ -52,6 +52,23 @@
52 LIB3270_NOTIFY_USER ///< @brief Reserved, always the last one. 52 LIB3270_NOTIFY_USER ///< @brief Reserved, always the last one.
53 } LIB3270_NOTIFY; 53 } LIB3270_NOTIFY;
54 54
  55 +
  56 + /**
  57 + * @brief Head for popup descriptors.
  58 + *
  59 + */
  60 + #define LIB3270_POPUP_HEAD \
  61 + const char * name; \
  62 + LIB3270_NOTIFY type; \
  63 + const char * title; \
  64 + const char * summary; \
  65 + const char * body;
  66 +
  67 + typedef struct _lib3270_popup_descriptor
  68 + {
  69 + LIB3270_POPUP_HEAD
  70 + } LIB3270_POPUP_DESCRIPTOR;
  71 +
55 LIB3270_EXPORT void lib3270_set_popup_handler(H3270 *session, void (*handler)(H3270 *, LIB3270_NOTIFY, const char *, const char *, const char *, va_list)); 72 LIB3270_EXPORT void lib3270_set_popup_handler(H3270 *session, void (*handler)(H3270 *, LIB3270_NOTIFY, const char *, const char *, const char *, va_list));
56 73
57 /** 74 /**
@@ -161,6 +161,7 @@ int lib3270_crl_new_from_x509(H3270 *hSession, void *ssl_error, X509 *cert) @@ -161,6 +161,7 @@ int lib3270_crl_new_from_x509(H3270 *hSession, void *ssl_error, X509 *cert)
161 161
162 if(!dist_points) 162 if(!dist_points)
163 { 163 {
  164 + ((SSL_ERROR_MESSAGE *) ssl_error)->id = "NODISTPOINTS";
164 ((SSL_ERROR_MESSAGE *) ssl_error)->title = _( "Security error" ); 165 ((SSL_ERROR_MESSAGE *) ssl_error)->title = _( "Security error" );
165 ((SSL_ERROR_MESSAGE *) ssl_error)->text = _( "Can't verify." ); 166 ((SSL_ERROR_MESSAGE *) ssl_error)->text = _( "Can't verify." );
166 ((SSL_ERROR_MESSAGE *) ssl_error)->description = _( "The host certificate doesn't have CRL distribution points" ); 167 ((SSL_ERROR_MESSAGE *) ssl_error)->description = _( "The host certificate doesn't have CRL distribution points" );
src/ssl/linux/getcrl.c
  Diff comments   View file @36a2078
@@ -52,6 +52,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co @@ -52,6 +52,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
52 if(!(consturl && *consturl)) 52 if(!(consturl && *consturl))
53 { 53 {
54 message->error = hSession->ssl.error = 0; 54 message->error = hSession->ssl.error = 0;
  55 + message->id = "CRLINVURL";
55 message->title = _( "Security error" ); 56 message->title = _( "Security error" );
56 message->text = _( "Can't open CRL File" ); 57 message->text = _( "Can't open CRL File" );
57 message->description = _("The URL for the CRL is undefined or empty"); 58 message->description = _("The URL for the CRL is undefined or empty");
@@ -69,6 +70,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co @@ -69,6 +70,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
69 int err = errno; 70 int err = errno;
70 71
71 message->error = hSession->ssl.error = 0; 72 message->error = hSession->ssl.error = 0;
  73 + message->id = "CRLOPEN";
72 message->title = _( "Security error" ); 74 message->title = _( "Security error" );
73 message->text = _( "Can't open CRL File" ); 75 message->text = _( "Can't open CRL File" );
74 message->description = strerror(err); 76 message->description = strerror(err);
@@ -80,6 +82,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co @@ -80,6 +82,7 @@ X509_CRL * lib3270_download_crl(H3270 *hSession, SSL_ERROR_MESSAGE * message, co
80 trace_ssl(hSession,"Loading CRL from %s\n",consturl+7); 82 trace_ssl(hSession,"Loading CRL from %s\n",consturl+7);
81 if(d2i_X509_CRL_fp(hCRL, &x509_crl)) 83 if(d2i_X509_CRL_fp(hCRL, &x509_crl))
82 { 84 {
  85 + message->id = "CRLDECODE";
83 message->error = hSession->ssl.error = ERR_get_error(); 86 message->error = hSession->ssl.error = ERR_get_error();
84 message->title = _( "Security error" ); 87 message->title = _( "Security error" );
85 message->text = _( "Can't decode CRL" ); 88 message->text = _( "Can't decode CRL" );
src/ssl/linux/init.c
  Diff comments   View file @36a2078
@@ -86,6 +86,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message) @@ -86,6 +86,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message)
86 if(ssl_ctx == NULL) 86 if(ssl_ctx == NULL)
87 { 87 {
88 message->error = hSession->ssl.error = ERR_get_error(); 88 message->error = hSession->ssl.error = ERR_get_error();
  89 + message->id = "SSLCTXERR";
89 message->title = _( "Security error" ); 90 message->title = _( "Security error" );
90 message->text = _( "Cant initialize the SSL context." ); 91 message->text = _( "Cant initialize the SSL context." );
91 return -1; 92 return -1;
src/ssl/negotiate.c
  Diff comments   View file @36a2078
@@ -397,17 +397,17 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) @@ -397,17 +397,17 @@ static int background_ssl_negotiation(H3270 *hSession, void *message)
397 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK 397 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
398 398
399 default: 399 default:
400 - trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->description); 400 + trace_ssl(hSession,"TLS/SSL verify result was %d (%s)\n", rv, msg->body);
401 401
402 - debug("message: %s",msg->message);  
403 - debug("description: %s",msg->description); 402 + debug("message: %s",msg->summary);
  403 + debug("description: %s",msg->body);
404 404
405 - ((SSL_ERROR_MESSAGE *) message)->text = gettext(msg->message);  
406 - ((SSL_ERROR_MESSAGE *) message)->description = gettext(msg->description); 405 + ((SSL_ERROR_MESSAGE *) message)->text = gettext(msg->summary);
  406 + ((SSL_ERROR_MESSAGE *) message)->description = gettext(msg->body);
407 407
408 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED); 408 set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED);
409 409
410 - if(msg->icon == LIB3270_NOTIFY_ERROR) 410 + if(msg->type == LIB3270_NOTIFY_ERROR)
411 { 411 {
412 ((SSL_ERROR_MESSAGE *) message)->title = _( "Security error" ); 412 ((SSL_ERROR_MESSAGE *) message)->title = _( "Security error" );
413 return EACCES; 413 return EACCES;
src/ssl/state.c
  Diff comments   View file @36a2078
@@ -86,259 +86,259 @@ static const struct ssl_status_msg status_msg[] = @@ -86,259 +86,259 @@ static const struct ssl_status_msg status_msg[] =
86 { 86 {
87 // http://www.openssl.org/docs/apps/verify.html 87 // http://www.openssl.org/docs/apps/verify.html
88 { 88 {
89 - X509_V_OK,  
90 - LIB3270_NOTIFY_SECURE,  
91 - "security-high",  
92 - N_( "Secure connection was successful." ),  
93 - N_( "The connection is secure and the host identity was confirmed." ) 89 + .id = X509_V_OK,
  90 + .type = LIB3270_NOTIFY_SECURE,
  91 + .iconName = "security-high",
  92 + .summary = N_( "Secure connection was successful." ),
  93 + .body = N_( "The connection is secure and the host identity was confirmed." )
94 }, 94 },
95 95
96 { 96 {
97 - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,  
98 - LIB3270_NOTIFY_ERROR,  
99 - "dialog-error",  
100 - N_( "Unable to get issuer certificate" ),  
101 - N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." ) 97 + .id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT,
  98 + .type = LIB3270_NOTIFY_ERROR,
  99 + .iconName = "dialog-error",
  100 + .summary = N_( "Unable to get issuer certificate" ),
  101 + .body = N_( "The issuer certificate of a looked up certificate could not be found. This normally means the list of trusted certificates is not complete." )
102 }, 102 },
103 103
104 { 104 {
105 - X509_V_ERR_UNABLE_TO_GET_CRL,  
106 - LIB3270_NOTIFY_ERROR,  
107 - "dialog-error",  
108 - N_( "Unable to get certificate CRL." ),  
109 - N_( "The Certificate revocation list (CRL) of a certificate could not be found." ) 105 + .id = X509_V_ERR_UNABLE_TO_GET_CRL,
  106 + .type = LIB3270_NOTIFY_ERROR,
  107 + .iconName = "dialog-error",
  108 + .summary = N_( "Unable to get certificate CRL." ),
  109 + .body = N_( "The Certificate revocation list (CRL) of a certificate could not be found." )
110 }, 110 },
111 111
112 { 112 {
113 - X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,  
114 - LIB3270_NOTIFY_ERROR,  
115 - "dialog-error",  
116 - N_( "Unable to decrypt certificate's signature" ),  
117 - N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." ) 113 + .id = X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE,
  114 + .type = LIB3270_NOTIFY_ERROR,
  115 + .iconName = "dialog-error",
  116 + .summary = N_( "Unable to decrypt certificate's signature" ),
  117 + .body = N_( "The certificate signature could not be decrypted. This means that the actual signature value could not be determined rather than it not matching the expected value, this is only meaningful for RSA keys." )
118 }, 118 },
119 119
120 { 120 {
121 - X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,  
122 - LIB3270_NOTIFY_ERROR,  
123 - "dialog-error",  
124 - N_( "Unable to decrypt CRL's signature" ),  
125 - N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." ) 121 + .id = X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE,
  122 + .type = LIB3270_NOTIFY_ERROR,
  123 + .iconName = "dialog-error",
  124 + .summary = N_( "Unable to decrypt CRL's signature" ),
  125 + .body = N_( "The CRL signature could not be decrypted: this means that the actual signature value could not be determined rather than it not matching the expected value. Unused." )
126 }, 126 },
127 127
128 { 128 {
129 - X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,  
130 - LIB3270_NOTIFY_ERROR,  
131 - "dialog-error",  
132 - N_( "Unable to decode issuer public key" ),  
133 - N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." ) 129 + .id = X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY,
  130 + .type = LIB3270_NOTIFY_ERROR,
  131 + .iconName = "dialog-error",
  132 + .summary = N_( "Unable to decode issuer public key" ),
  133 + .body = N_( "The public key in the certificate SubjectPublicKeyInfo could not be read." )
134 }, 134 },
135 135
136 { 136 {
137 - X509_V_ERR_CERT_SIGNATURE_FAILURE,  
138 - LIB3270_NOTIFY_ERROR,  
139 - "dialog-error",  
140 - N_( "Certificate signature failure" ),  
141 - N_( "The signature of the certificate is invalid." ) 137 + .id = X509_V_ERR_CERT_SIGNATURE_FAILURE,
  138 + .type = LIB3270_NOTIFY_ERROR,
  139 + .iconName = "dialog-error",
  140 + .summary = N_( "Certificate signature failure" ),
  141 + .body = N_( "The signature of the certificate is invalid." )
142 }, 142 },
143 143
144 { 144 {
145 - X509_V_ERR_CRL_SIGNATURE_FAILURE,  
146 - LIB3270_NOTIFY_ERROR,  
147 - "dialog-error",  
148 - N_( "CRL signature failure" ),  
149 - N_( "The signature of the certificate is invalid." ) 145 + .id = X509_V_ERR_CRL_SIGNATURE_FAILURE,
  146 + .type = LIB3270_NOTIFY_ERROR,
  147 + .iconName = "dialog-error",
  148 + .summary = N_( "CRL signature failure" ),
  149 + .body = N_( "The signature of the certificate is invalid." )
150 }, 150 },
151 151
152 { 152 {
153 - X509_V_ERR_CERT_NOT_YET_VALID,  
154 - LIB3270_NOTIFY_WARNING,  
155 - "dialog-warning",  
156 - N_( "Certificate is not yet valid" ),  
157 - N_( "The certificate is not yet valid: the notBefore date is after the current time." ) 153 + .id = X509_V_ERR_CERT_NOT_YET_VALID,
  154 + .type = LIB3270_NOTIFY_WARNING,
  155 + .iconName = "dialog-warning",
  156 + .summary = N_( "Certificate is not yet valid" ),
  157 + .body = N_( "The certificate is not yet valid: the notBefore date is after the current time." )
158 }, 158 },
159 159
160 { 160 {
161 - X509_V_ERR_CERT_HAS_EXPIRED,  
162 - LIB3270_NOTIFY_ERROR,  
163 - "dialog-error",  
164 - N_( "Certificate has expired" ),  
165 - N_( "The certificate has expired: that is the notAfter date is before the current time." ) 161 + .id = X509_V_ERR_CERT_HAS_EXPIRED,
  162 + .type = LIB3270_NOTIFY_ERROR,
  163 + .iconName = "dialog-error",
  164 + .summary = N_( "Certificate has expired" ),
  165 + .body = N_( "The certificate has expired: that is the notAfter date is before the current time." )
166 }, 166 },
167 167
168 { 168 {
169 - X509_V_ERR_CRL_NOT_YET_VALID,  
170 - LIB3270_NOTIFY_WARNING,  
171 - "dialog-error",  
172 - N_( "The CRL is not yet valid." ),  
173 - N_( "The Certificate revocation list (CRL) is not yet valid." ) 169 + .id = X509_V_ERR_CRL_NOT_YET_VALID,
  170 + .type = LIB3270_NOTIFY_WARNING,
  171 + .iconName = "dialog-error",
  172 + .summary = N_( "The CRL is not yet valid." ),
  173 + .body = N_( "The Certificate revocation list (CRL) is not yet valid." )
174 }, 174 },
175 175
176 { 176 {
177 - X509_V_ERR_CRL_HAS_EXPIRED, 177 + .id = X509_V_ERR_CRL_HAS_EXPIRED,
178 #ifdef SSL_ENABLE_CRL_EXPIRATION_CHECK 178 #ifdef SSL_ENABLE_CRL_EXPIRATION_CHECK
179 - LIB3270_NOTIFY_ERROR, 179 + .type = LIB3270_NOTIFY_ERROR,
180 #else 180 #else
181 - LIB3270_NOTIFY_WARNING, 181 + .type = LIB3270_NOTIFY_WARNING,
182 #endif // SSL_ENABLE_CRL_EXPIRATION_CHECK 182 #endif // SSL_ENABLE_CRL_EXPIRATION_CHECK
183 - "security-medium",  
184 - N_( "The CRL has expired." ),  
185 - N_( "The Certificate revocation list (CRL) has expired.") 183 + .iconName = "security-medium",
  184 + .summary = N_( "The CRL has expired." ),
  185 + .body = N_( "The Certificate revocation list (CRL) has expired.")
186 }, 186 },
187 187
188 { 188 {
189 - X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,  
190 - LIB3270_NOTIFY_ERROR,  
191 - "dialog-error",  
192 - N_( "Format error in certificate's notBefore field" ),  
193 - N_( "The certificate notBefore field contains an invalid time." ) 189 + .id = X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD,
  190 + .type = LIB3270_NOTIFY_ERROR,
  191 + .iconName = "dialog-error",
  192 + .summary = N_( "Format error in certificate's notBefore field" ),
  193 + .body = N_( "The certificate notBefore field contains an invalid time." )
194 }, 194 },
195 195
196 { 196 {
197 - X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,  
198 - LIB3270_NOTIFY_ERROR,  
199 - "dialog-error",  
200 - N_( "Format error in certificate's notAfter field" ),  
201 - N_( "The certificate notAfter field contains an invalid time." ) 197 + .id = X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD,
  198 + .type = LIB3270_NOTIFY_ERROR,
  199 + .iconName = "dialog-error",
  200 + .summary = N_( "Format error in certificate's notAfter field" ),
  201 + .body = N_( "The certificate notAfter field contains an invalid time." )
202 }, 202 },
203 203
204 { 204 {
205 - X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,  
206 - LIB3270_NOTIFY_ERROR,  
207 - "dialog-error",  
208 - N_( "Format error in CRL's lastUpdate field" ),  
209 - N_( "The CRL lastUpdate field contains an invalid time." ) 205 + .id = X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD,
  206 + .type = LIB3270_NOTIFY_ERROR,
  207 + .iconName = "dialog-error",
  208 + .summary = N_( "Format error in CRL's lastUpdate field" ),
  209 + .body = N_( "The CRL lastUpdate field contains an invalid time." )
210 }, 210 },
211 211
212 { 212 {
213 - X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,  
214 - LIB3270_NOTIFY_ERROR,  
215 - "dialog-error",  
216 - N_( "Format error in CRL's nextUpdate field" ),  
217 - N_( "The CRL nextUpdate field contains an invalid time." ) 213 + .id = X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD,
  214 + .type = LIB3270_NOTIFY_ERROR,
  215 + .iconName = "dialog-error",
  216 + .summary = N_( "Format error in CRL's nextUpdate field" ),
  217 + .body = N_( "The CRL nextUpdate field contains an invalid time." )
218 }, 218 },
219 219
220 { 220 {
221 - X509_V_ERR_OUT_OF_MEM,  
222 - LIB3270_NOTIFY_ERROR,  
223 - "dialog-error",  
224 - N_( "Out of memory" ),  
225 - N_( "An error occurred trying to allocate memory. This should never happen." ) 221 + .id = X509_V_ERR_OUT_OF_MEM,
  222 + .type = LIB3270_NOTIFY_ERROR,
  223 + .iconName = "dialog-error",
  224 + .summary = N_( "Out of memory" ),
  225 + .body = N_( "An error occurred trying to allocate memory. This should never happen." )
226 }, 226 },
227 227
228 { 228 {
229 - X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,  
230 - LIB3270_NOTIFY_WARNING,  
231 - "security-medium",  
232 - N_( "Self signed certificate" ),  
233 - N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." ) 229 + .id = X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT,
  230 + .type = LIB3270_NOTIFY_WARNING,
  231 + .iconName = "security-medium",
  232 + .summary = N_( "Self signed certificate" ),
  233 + .body = N_( "The passed certificate is self signed and the same certificate cannot be found in the list of trusted certificates." )
234 }, 234 },
235 235
236 { 236 {
237 - X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, 237 + .id = X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN,
238 #ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK 238 #ifdef SSL_ENABLE_SELF_SIGNED_CERT_CHECK
239 - LIB3270_NOTIFY_ERROR, 239 + .type = LIB3270_NOTIFY_ERROR,
240 #else 240 #else
241 - LIB3270_NOTIFY_WARNING, 241 + .type = LIB3270_NOTIFY_WARNING,
242 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK 242 #endif // SSL_ENABLE_SELF_SIGNED_CERT_CHECK
243 - "security-medium",  
244 - N_( "Self signed certificate in certificate chain" ),  
245 - N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." ) 243 + .iconName = "security-medium",
  244 + .summary = N_( "Self signed certificate in certificate chain" ),
  245 + .body = N_( "The certificate chain could be built up using the untrusted certificates but the root could not be found locally." )
246 }, 246 },
247 247
248 { 248 {
249 - X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,  
250 - LIB3270_NOTIFY_WARNING,  
251 - "security-low",  
252 - N_( "Unable to get local issuer certificate" ),  
253 - N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." ) 249 + .id = X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY,
  250 + .type = LIB3270_NOTIFY_WARNING,
  251 + .iconName = "security-low",
  252 + .summary = N_( "Unable to get local issuer certificate" ),
  253 + .body = N_( "The issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found." )
254 }, 254 },
255 255
256 { 256 {
257 - X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,  
258 - LIB3270_NOTIFY_ERROR,  
259 - "security-low",  
260 - N_( "Unable to verify the first certificate" ),  
261 - N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." ) 257 + .id = X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
  258 + .type = LIB3270_NOTIFY_ERROR,
  259 + .iconName = "security-low",
  260 + .summary = N_( "Unable to verify the first certificate" ),
  261 + .body = N_( "No signatures could be verified because the chain contains only one certificate and it is not self signed." )
262 }, 262 },
263 263
264 { 264 {
265 - X509_V_ERR_CERT_REVOKED,  
266 - LIB3270_NOTIFY_ERROR,  
267 - "security-low",  
268 - N_( "Certificate revoked" ),  
269 - N_( "The certificate has been revoked." ) 265 + .id = X509_V_ERR_CERT_REVOKED,
  266 + .type = LIB3270_NOTIFY_ERROR,
  267 + .iconName = "security-low",
  268 + .summary = N_( "Certificate revoked" ),
  269 + .body = N_( "The certificate has been revoked." )
270 }, 270 },
271 271
272 { 272 {
273 - X509_V_ERR_INVALID_CA,  
274 - LIB3270_NOTIFY_ERROR,  
275 - "security-low",  
276 - N_( "Invalid CA certificate" ),  
277 - N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." ) 273 + .id = X509_V_ERR_INVALID_CA,
  274 + .type = LIB3270_NOTIFY_ERROR,
  275 + .iconName = "security-low",
  276 + .summary = N_( "Invalid CA certificate" ),
  277 + .body = N_( "A CA certificate is invalid. Either it is not a CA or its extensions are not consistent with the supplied purpose." )
278 }, 278 },
279 279
280 { 280 {
281 - X509_V_ERR_PATH_LENGTH_EXCEEDED,  
282 - LIB3270_NOTIFY_ERROR,  
283 - "dialog-error",  
284 - N_( "Path length constraint exceeded" ),  
285 - N_( "The basicConstraints pathlength parameter has been exceeded." ), 281 + .id = X509_V_ERR_PATH_LENGTH_EXCEEDED,
  282 + .type = LIB3270_NOTIFY_ERROR,
  283 + .iconName = "dialog-error",
  284 + .summary = N_( "Path length constraint exceeded" ),
  285 + .body = N_( "The basicConstraints pathlength parameter has been exceeded." ),
286 }, 286 },
287 287
288 { 288 {
289 - X509_V_ERR_INVALID_PURPOSE,  
290 - LIB3270_NOTIFY_ERROR,  
291 - "dialog-error",  
292 - N_( "Unsupported certificate purpose" ),  
293 - N_( "The supplied certificate cannot be used for the specified purpose." ) 289 + .id = X509_V_ERR_INVALID_PURPOSE,
  290 + .type = LIB3270_NOTIFY_ERROR,
  291 + .iconName = "dialog-error",
  292 + .summary = N_( "Unsupported certificate purpose" ),
  293 + .body = N_( "The supplied certificate cannot be used for the specified purpose." )
294 }, 294 },
295 295
296 { 296 {
297 - X509_V_ERR_CERT_UNTRUSTED,  
298 - LIB3270_NOTIFY_WARNING,  
299 - "security-low",  
300 - N_( "Certificate not trusted" ),  
301 - N_( "The root CA is not marked as trusted for the specified purpose." ) 297 + .id = X509_V_ERR_CERT_UNTRUSTED,
  298 + .type = LIB3270_NOTIFY_WARNING,
  299 + .iconName = "security-low",
  300 + .summary = N_( "Certificate not trusted" ),
  301 + .body = N_( "The root CA is not marked as trusted for the specified purpose." )
302 }, 302 },
303 303
304 { 304 {
305 - X509_V_ERR_CERT_REJECTED,  
306 - LIB3270_NOTIFY_ERROR,  
307 - "security-low",  
308 - N_( "Certificate rejected" ),  
309 - N_( "The root CA is marked to reject the specified purpose." ) 305 + .id = X509_V_ERR_CERT_REJECTED,
  306 + .type = LIB3270_NOTIFY_ERROR,
  307 + .iconName = "security-low",
  308 + .summary = N_( "Certificate rejected" ),
  309 + .body = N_( "The root CA is marked to reject the specified purpose." )
310 }, 310 },
311 311
312 { 312 {
313 - X509_V_ERR_SUBJECT_ISSUER_MISMATCH,  
314 - LIB3270_NOTIFY_ERROR,  
315 - "security-low",  
316 - N_( "Subject issuer mismatch" ),  
317 - N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." ) 313 + .id = X509_V_ERR_SUBJECT_ISSUER_MISMATCH,
  314 + .type = LIB3270_NOTIFY_ERROR,
  315 + .iconName = "security-low",
  316 + .summary = N_( "Subject issuer mismatch" ),
  317 + .body = N_( "The current candidate issuer certificate was rejected because its subject name did not match the issuer name of the current certificate. Only displayed when the -issuer_checks option is set." )
318 }, 318 },
319 319
320 { 320 {
321 - X509_V_ERR_AKID_SKID_MISMATCH,  
322 - LIB3270_NOTIFY_ERROR,  
323 - "dialog-error",  
324 - N_( "Authority and subject key identifier mismatch" ),  
325 - N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." ) 321 + .id = X509_V_ERR_AKID_SKID_MISMATCH,
  322 + .type = LIB3270_NOTIFY_ERROR,
  323 + .iconName = "dialog-error",
  324 + .summary = N_( "Authority and subject key identifier mismatch" ),
  325 + .body = N_( "The current candidate issuer certificate was rejected because its subject key identifier was present and did not match the authority key identifier current certificate. Only displayed when the -issuer_checks option is set." )
326 }, 326 },
327 327
328 { 328 {
329 - X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,  
330 - LIB3270_NOTIFY_ERROR,  
331 - "dialog-error",  
332 - N_( "Authority and issuer serial number mismatch" ),  
333 - N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." ) 329 + .id = X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH,
  330 + .type = LIB3270_NOTIFY_ERROR,
  331 + .iconName = "dialog-error",
  332 + .summary = N_( "Authority and issuer serial number mismatch" ),
  333 + .body = N_( "The current candidate issuer certificate was rejected because its issuer name and serial number was present and did not match the authority key identifier of the current certificate. Only displayed when the -issuer_checks option is set." )
334 }, 334 },
335 335
336 { 336 {
337 - X509_V_ERR_KEYUSAGE_NO_CERTSIGN,  
338 - LIB3270_NOTIFY_ERROR,  
339 - "dialog-error",  
340 - N_( "Key usage does not include certificate signing" ),  
341 - N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." ) 337 + .id = X509_V_ERR_KEYUSAGE_NO_CERTSIGN,
  338 + .type = LIB3270_NOTIFY_ERROR,
  339 + .iconName = "dialog-error",
  340 + .summary = N_( "Key usage does not include certificate signing" ),
  341 + .body = N_( "The current candidate issuer certificate was rejected because its keyUsage extension does not permit certificate signing." )
342 } 342 }
343 343
344 }; 344 };
@@ -366,7 +366,7 @@ static const struct ssl_status_msg status_msg[] = @@ -366,7 +366,7 @@ static const struct ssl_status_msg status_msg[] =
366 { 366 {
367 const struct ssl_status_msg *info = get_ssl_status_msg(hSession); 367 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
368 if(info) 368 if(info)
369 - return gettext(info->message); 369 + return gettext(info->summary);
370 } 370 }
371 371
372 return _( "The connection is insecure" ); 372 return _( "The connection is insecure" );
@@ -393,7 +393,7 @@ static const struct ssl_status_msg status_msg[] = @@ -393,7 +393,7 @@ static const struct ssl_status_msg status_msg[] =
393 { 393 {
394 const struct ssl_status_msg *info = get_ssl_status_msg(hSession); 394 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
395 if(info) 395 if(info)
396 - return gettext(info->description); 396 + return gettext(info->body);
397 } 397 }
398 else 398 else
399 { 399 {
@@ -409,7 +409,7 @@ static const struct ssl_status_msg status_msg[] = @@ -409,7 +409,7 @@ static const struct ssl_status_msg status_msg[] =
409 { 409 {
410 const struct ssl_status_msg *info = get_ssl_status_msg(hSession); 410 const struct ssl_status_msg *info = get_ssl_status_msg(hSession);
411 if(info) 411 if(info)
412 - return info->icon; 412 + return info->type;
413 } 413 }
414 414
415 return LIB3270_NOTIFY_ERROR; 415 return LIB3270_NOTIFY_ERROR;