diff options
author | Josh Rickmar <jrick@devio.us> | 2012-06-07 12:54:25 -0400 |
---|---|---|
committer | Josh Rickmar <jrick@devio.us> | 2012-06-07 12:54:25 -0400 |
commit | 5d21e3a3954e947f889f024b8ba9db9e616aa28e (patch) | |
tree | 7e44dd9fae763b256db81361d278ad2830c1bffa /settings.c | |
parent | 07616810c81eb3e7073c9ca00e28f451c7bfb091 (diff) | |
download | xombrero-5d21e3a3954e947f889f024b8ba9db9e616aa28e.tar.gz |
Implement a warn_cert_changes setting to warn users when the remote
ssl certificate is different from a previously cached certificate to help prevent against MITM attacks. Prompt the user with an action to take (show remote cert, allow for that session, or cache the new remote cert).
Diffstat (limited to 'settings.c')
-rw-r--r-- | settings.c | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/settings.c b/settings.c index 8a567b2..eabc2ce 100644 --- a/settings.c +++ b/settings.c @@ -105,6 +105,7 @@ char *external_editor = NULL; int referer_mode = XT_DS_REFERER_MODE; char *referer_custom = NULL; int download_notifications = XT_DS_DOWNLOAD_NOTIFICATIONS; +int warn_cert_changes = 0; char *cmd_font_name = NULL; /* these are all set at startup */ char *oops_font_name = NULL; @@ -186,6 +187,7 @@ int set_url_regex(char *); int set_userstyle_global(char *); int set_external_editor(char *); int set_xterm_workaround(char *); +int set_warn_cert_changes(char *); void walk_mime_type(struct settings *, void (*)(struct settings *, char *, void *), void *); @@ -420,6 +422,7 @@ struct settings rs[] = { { "referer", XT_S_STR, 0, NULL, NULL,&s_referer, NULL, set_referer_rt }, { "download_notifications", XT_S_INT, 0, &download_notifications, NULL, NULL, NULL, set_download_notifications }, { "include_config", XT_S_STR, 0, NULL, &include_config, NULL, NULL, NULL }, + { "warn_cert_changes", XT_S_INT, 0, &warn_cert_changes, NULL, NULL, NULL, set_warn_cert_changes }, /* font settings */ { "cmd_font", XT_S_STR, 0, NULL, &cmd_font_name, NULL, NULL, set_cmd_font }, @@ -2142,6 +2145,19 @@ set_userstyle_global(char *value) return (0); } +int +set_warn_cert_changes(char *value) +{ + int tmp; + const char *errstr; + + tmp = strtonum(value, 0, 1, &errstr); + if (errstr) + return (-1); + warn_cert_changes = tmp; + return (0); +} + char * get_edit_mode(struct settings *s) { |