X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ssl.c;h=0bb549bff7652bf5fc47753b9d3aa1488a644740;hp=beb74a2ffd8dcbb809cb9501e51f26430648b27a;hb=dab826ce388441cb5095a282980da045aceab360;hpb=a5445be6600f681ceb08c6fbcfa8833e0d28733e

diff --git a/ssl.c b/ssl.c
index beb74a2f..0bb549bf 100644
--- a/ssl.c
+++ b/ssl.c
@@ -50,6 +50,7 @@
 #include "errlog.h"
 #include "jcc.h"
 #include "ssl.h"
+#include "encode.h"
 
 
 /*
@@ -2021,7 +2022,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
    {
       size_t base64_len = 4 * ((strlen(cert->file_buf) + 2) / 3) + 1;
 
-      message_len += strlen(cert->text_buf) + strlen("<pre></pre>\n")
+      message_len += strlen(cert->info_buf) + strlen("<pre></pre>\n")
                      +  base64_len + strlen("<a href=\"data:application"
                         "/x-x509-ca-cert;base64,\">Download certificate</a>");
       cert = cert->next;
@@ -2056,7 +2057,7 @@ extern void ssl_send_certificate_error(struct client_state *csp)
       }
 
       strlcat(message, "<pre>",        message_len);
-      strlcat(message, cert->text_buf, message_len);
+      strlcat(message, cert->info_buf, message_len);
       strlcat(message, "</pre>\n",     message_len);
 
       if (ret == 0)
@@ -2121,7 +2122,7 @@ static int ssl_verify_callback(void *csp_void, mbedtls_x509_crt *crt,
     */
    last->next = malloc_or_die(sizeof(struct certs_chain));
    last->next->next = NULL;
-   memset(last->next->text_buf, 0, sizeof(last->next->text_buf));
+   memset(last->next->info_buf, 0, sizeof(last->next->info_buf));
    memset(last->next->file_buf, 0, sizeof(last->next->file_buf));
 
    /*
@@ -2143,8 +2144,15 @@ static int ssl_verify_callback(void *csp_void, mbedtls_x509_crt *crt,
    /*
     * Saving certificate information into buffer
     */
-   mbedtls_x509_crt_info(last->text_buf, sizeof(last->text_buf) - 1,
-      CERT_INFO_PREFIX, crt);
+   {
+      char buf[CERT_INFO_BUF_SIZE];
+      char *encoded_text;
+
+      mbedtls_x509_crt_info(buf, sizeof(buf), CERT_INFO_PREFIX, crt);
+      encoded_text = html_encode(buf);
+      strlcpy(last->info_buf, encoded_text, sizeof(last->info_buf));
+      freez(encoded_text);
+   }
 
    return 0;
 }
@@ -2169,8 +2177,8 @@ static void free_certificate_chain(struct client_state *csp)
    struct certs_chain *cert = csp->server_certs_chain.next;
 
    /* Cleaning buffers */
-   memset(csp->server_certs_chain.text_buf, 0,
-      sizeof(csp->server_certs_chain.text_buf));
+   memset(csp->server_certs_chain.info_buf, 0,
+      sizeof(csp->server_certs_chain.info_buf));
    memset(csp->server_certs_chain.file_buf, 0,
       sizeof(csp->server_certs_chain.file_buf));
    csp->server_certs_chain.next = NULL;