[tin-dev] [PATCH] nntps.c: strings moved to lang.c

Dennis Preiser dennis at d--p.de
Tue Nov 14 21:58:37 CET 2023 

I've moved strings from nntps.c to lang.c.

Dennis
-------------- next part --------------
--- a/include/extern.h
+++ b/include/extern.h
@@ -648,13 +648,29 @@ extern constext txt_conninfo_saved_news[];
 	extern constext txt_conninfo_server[];
 #	ifdef NNTPS_ABLE
 	extern constext txt_conninfo_nntps[];
+#		if defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_LIBTLS) || defined(HAVE_LIB_OPENSSL)
+		extern constext txt_conninfo_fmt_error[];
+		extern constext txt_conninfo_issuer[];
+		extern constext txt_conninfo_server_cert_info[];
+		extern constext txt_conninfo_subject[];
+		extern constext txt_conninfo_tls_info[];
+#		endif /* defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_LIBTLS) || defined(HAVE_LIB_OPENSSL) */
+#		if defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_OPENSSL)
+		extern constext txt_conninfo_cert[];
+		extern constext txt_conninfo_error_unexpected[];
+		extern constext txt_conninfo_error_tolerated[];
+		extern constext txt_conninfo_verify_failed[];
+		extern constext txt_conninfo_verify_successful[];
+#		endif /* defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_OPENSSL) */
 	extern constext txt_conninfo_trusted[];
 	extern constext txt_conninfo_untrusted[];
 #		ifdef HAVE_LIB_GNUTLS
 		extern constext txt_conninfo_gnutls[];
+		extern constext txt_conninfo_verify_failed_no_reason[];
 #		endif /* HAVE_LIB_GNUTLS */
 #		ifdef HAVE_LIB_LIBTLS
 		extern constext txt_conninfo_libressl[];
+		extern constext txt_conninfo_libtls_info[];
 #		endif /* HAVE_LIB_LIBTLS */
 #		ifdef HAVE_LIB_OPENSSL
 		extern constext txt_conninfo_openssl[];
--- a/src/lang.c
+++ b/src/lang.c
@@ -207,13 +207,29 @@ constext txt_conninfo_saved_news[] = N_("Reading saved news.\n");
 	constext txt_conninfo_server[] = N_("NNTPSERVER    : %s\n");
 #	ifdef NNTPS_ABLE
 	constext txt_conninfo_nntps[] = N_("Reading %s via NNTPS (%s; ");
+#		if defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_LIBTLS) || defined(HAVE_LIB_OPENSSL)
+		constext txt_conninfo_fmt_error[] = "<formatting error>";
+		constext txt_conninfo_issuer[] = N_("Issuer : %s\n");
+		constext txt_conninfo_server_cert_info[] = N_("\nServer certificate information:\n-------------------------------\n");
+		constext txt_conninfo_subject[] = N_("Subject: %s\n");
+		constext txt_conninfo_tls_info[] = N_("\nTLS information:\n----------------\n");
+#		endif /* defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_LIBTLS) || defined(HAVE_LIB_OPENSSL) */
+#		if defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_OPENSSL)
+		constext txt_conninfo_cert[] = N_("Certificate #%d\n");
+		constext txt_conninfo_error_unexpected[] = N_("UNEXPECTED, possible BUG");
+		constext txt_conninfo_error_tolerated[] = N_("tolerated as \"-k\" (insecure) requested");
+		constext txt_conninfo_verify_failed[] = N_("Server certificate verification FAILED:\n\t%s (%s)\n");
+		constext txt_conninfo_verify_successful[] = N_("Server certificate verified successfully.\n");
+#		endif /* defined(HAVE_LIB_GNUTLS) || defined(HAVE_LIB_OPENSSL) */
 	constext txt_conninfo_trusted[] = N_("trusted");
 	constext txt_conninfo_untrusted[] = N_("untrusted");
 #		ifdef HAVE_LIB_GNUTLS
 		constext txt_conninfo_gnutls[] = "GnuTLS %s).\n";
+		constext txt_conninfo_verify_failed_no_reason[] = N_("Server certificate verification FAILED: <can't get reason>\n");
 #		endif /* HAVE_LIB_GNUTLS */
 #		ifdef HAVE_LIB_LIBTLS
 		constext txt_conninfo_libressl[] = "LibreSSL %d).\n";
+		constext txt_conninfo_libtls_info[] = N_("%s %s (strength %d)\n");
 #		endif /* HAVE_LIB_LIBTLS */
 #		ifdef HAVE_LIB_OPENSSL
 		constext txt_conninfo_openssl[] = "%s).\n";
--- a/src/nntps.c
+++ b/src/nntps.c
@@ -727,9 +727,20 @@ tintls_close(
 }
 
 
-/*
- * TODO: -> lang.c
- */
+#define PRINT_VALID_AFTER(what) do { \
+		if (result < 0) \
+			fprintf(fp, "%s", txt_conninfo_fmt_error); \
+		else \
+			fprintf(fp, txt_valid_not_after, (what)); \
+	} while (0)
+#define PRINT_VALID_BEFORE(what) do { \
+		if (result < 0) \
+			fprintf(fp, "%s", txt_conninfo_fmt_error); \
+		else \
+			fprintf(fp, txt_valid_not_before, (what)); \
+	} while (0)
+
+
 int
 tintls_conninfo(
 	void *session_ctx,
@@ -742,27 +753,21 @@ tintls_conninfo(
 	struct tm *tm;
 	char fmt_time[64]; /* time zone name could long... */
 
-	fprintf(fp, "\nTLS information:\n");
-	fprintf(fp, "----------------\n");
-	fprintf(fp, "%s %s (strength %d)\n", tls_conn_version(client), tls_conn_cipher(client), tls_conn_cipher_strength(client));
-	fprintf(fp, "\nServer certificate information:\n");
-	fprintf(fp, "-------------------------------\n");
-	fprintf(fp, "Subject: %s\n", tls_peer_cert_subject(client));
-	fprintf(fp, "Issuer : %s\n", tls_peer_cert_issuer(client));
+	fprintf(fp, "%s", _(txt_conninfo_tls_info));
+	fprintf(fp, _(txt_conninfo_libtls_info), tls_conn_version(client), tls_conn_cipher(client), tls_conn_cipher_strength(client));
+	fprintf(fp, "%s", txt_conninfo_server_cert_info);
+	fprintf(fp, _(txt_conninfo_subject), tls_peer_cert_subject(client));
+	fprintf(fp, _(txt_conninfo_issuer), tls_peer_cert_issuer(client));
 
 	t = tls_peer_cert_notbefore(client);
 	tm = localtime(&t);
 	result = my_strftime(fmt_time, sizeof(fmt_time), "%Y-%m-%dT%H:%M%z (%Z)", tm); /* make format configurable? */
-	if (result < 0)
-		my_strncpy(fmt_time, "<formatting error>", sizeof(fmt_time) - 1);
-	fprintf(fp, txt_valid_not_before, fmt_time);
+	PRINT_VALID_BEFORE(fmt_time);
 
 	t = tls_peer_cert_notafter(client);
 	tm = localtime(&t);
 	result = my_strftime(fmt_time, sizeof(fmt_time), "%Y-%m-%dT%H:%M%z (%Z)", tm);
-	if (result < 0)
-		my_strncpy(fmt_time, "<formatting error>", sizeof(fmt_time) - 1);
-	fprintf(fp, txt_valid_not_after, fmt_time);
+	PRINT_VALID_AFTER(fmt_time);
 
 #else
 
@@ -779,8 +784,7 @@ tintls_conninfo(
 	char fmt_time[64]; /* time zone name could long... */
 
 	desc = gnutls_session_get_desc(client);
-	fprintf(fp, "\nTLS information:\n");
-	fprintf(fp, "----------------\n");
+	fprintf(fp, "%s", _(txt_conninfo_tls_info));
 	fprintf(fp, "%s\n", desc);
 	gnutls_free(desc);
 
@@ -793,19 +797,18 @@ tintls_conninfo(
 		result = gnutls_certificate_verification_status_print(gnutls_verification_status, type, &msg, 0);
 
 		if (result == 0) {
-			fprintf(fp, "Server certificate verification FAILED:\n\t%s (%s)\n", msg.data,
-					insecure_nntps ? "tolerated as \"-k\" (insecure) requested" : "UNEXPECTED, possible BUG");
+			fprintf(fp, _(txt_conninfo_verify_failed), msg.data,
+					insecure_nntps ? _(txt_conninfo_error_tolerated) : _(txt_conninfo_error_unexpected));
 		} else
-			fprintf(fp, "Server certificate verification FAILED: <can't get reason>\n");
+			fprintf(fp, "%s", _(txt_conninfo_verify_failed_no_reason));
 
 		gnutls_free(msg.data);
 	} else
-		fprintf(fp, "Server certificate verified successfully.\n");
+		fprintf(fp, "%s", _(txt_conninfo_verify_successful));
 
 	raw_servercert_chain = gnutls_certificate_get_peers(client, &servercert_chainlen);
 	if (servercert_chainlen > 0) {
-		fprintf(fp, "\nServer certificate information:\n");
-		fprintf(fp, "-------------------------------\n");
+		fprintf(fp, "%s", txt_conninfo_server_cert_info);
 	}
 
 	for (i = 0; i < servercert_chainlen; i++) {
@@ -815,7 +818,7 @@ tintls_conninfo(
 
 		if (i > 0)
 			fputs("\n", fp);
-		fprintf(fp, "Certificate #%d\n", i);
+		fprintf(fp, _(txt_conninfo_cert), i);
 
 		result = gnutls_x509_crt_init(&servercert);
 		if (result < 0)
@@ -829,13 +832,13 @@ tintls_conninfo(
 		if (result < 0)
 			goto err_cert;
 
-		fprintf(fp, "Subject: %s\n", subject.data);
+		fprintf(fp, _(txt_conninfo_subject), subject.data);
 
 		result = gnutls_x509_crt_get_issuer_dn3(servercert, &issuer, 0);
 		if (result < 0)
 			goto err_cert;
 
-		fprintf(fp, "Issuer : %s\n", issuer.data);
+		fprintf(fp, _(txt_conninfo_issuer), issuer.data);
 
 		t = gnutls_x509_crt_get_activation_time(servercert);
 		if (t == -1)
@@ -843,9 +846,7 @@ tintls_conninfo(
 
 		tm = localtime(&t);
 		result = my_strftime(fmt_time, sizeof(fmt_time), "%Y-%m-%dT%H:%M%z (%Z)", tm); /* make format configurable? */
-		if (result < 0)
-			my_strncpy(fmt_time, "<formatting error>", sizeof(fmt_time) - 1);
-		fprintf(fp, txt_valid_not_before, fmt_time);
+		PRINT_VALID_BEFORE(fmt_time);
 
 		t = gnutls_x509_crt_get_expiration_time(servercert);
 		if (t == -1)
@@ -853,9 +854,7 @@ tintls_conninfo(
 
 		tm = localtime(&t);
 		result = my_strftime(fmt_time, sizeof(fmt_time), "%Y-%m-%dT%H:%M%z (%Z)", tm);
-		if (result < 0)
-			my_strncpy(fmt_time, "<formatting error>", sizeof(fmt_time) - 1);
-		fprintf(fp, txt_valid_not_after, fmt_time);
+		PRINT_VALID_AFTER(fmt_time);
 
 		retval = 0;
 
@@ -882,20 +881,18 @@ err_cert:
 	if (long_result != 1)
 		return -1;
 
-	fprintf(fp, "\nTLS information:\n");
-	fprintf(fp, "----------------\n");
+	fprintf(fp, "%s", _(txt_conninfo_tls_info));
 	fprintf(fp, "%s %s\n", SSL_get_version(ssl), SSL_get_cipher_name(ssl));
 
 	verification_result = SSL_get_verify_result(ssl);
 	if (verification_result != X509_V_OK)
-		fprintf(fp, "Server certificate verification FAILED:\n\t%s (%s)\n",
+		fprintf(fp, _(txt_conninfo_verify_failed),
 			X509_verify_cert_error_string(verification_result),
-			insecure_nntps ? "tolerated as \"-k\" (insecure) requested" : "UNEXPECTED, possible BUG");
+			insecure_nntps ? _(txt_conninfo_error_tolerated) : _(txt_conninfo_error_unexpected));
 	else
-		fprintf(fp, "Server certificate verified successfully.\n");
+		fprintf(fp, "%s", _(txt_conninfo_verify_successful));
 
-	fprintf(fp, "\nServer certificate information:\n");
-	fprintf(fp, "-------------------------------\n");
+	fprintf(fp, "%s", txt_conninfo_server_cert_info);
 
 	if (verification_result == X509_V_OK)
 		chain = SSL_get_peer_cert_chain(ssl);
@@ -913,26 +910,22 @@ err_cert:
 
 			if (i > 0)
 				fputs("\n", fp);
-			fprintf(fp, "Certificate #%d\n", i);
-			fprintf(fp, "Subject: %s\n", X509_NAME_oneline(X509_get_subject_name(cert), name, sizeof(name)));
-			fprintf(fp, "Issuer : %s\n", X509_NAME_oneline(X509_get_issuer_name(cert), name, sizeof(name)));
+			fprintf(fp, _(txt_conninfo_cert), i);
+			fprintf(fp, _(txt_conninfo_subject), X509_NAME_oneline(X509_get_subject_name(cert), name, sizeof(name)));
+			fprintf(fp, _(txt_conninfo_issuer), X509_NAME_oneline(X509_get_issuer_name(cert), name, sizeof(name)));
 
 			asn1 = X509_get0_notBefore(cert);
 			result = ASN1_TIME_to_tm(asn1, &tm);
 			if (result == 1) {
 				result = my_strftime(name, sizeof(name), "%Y-%m-%dT%H:%M%z", &tm); /* make format configurable? */
-				if (result < 0)
-					my_strncpy(name, "<formatting error>", sizeof(name) - 1);
-				fprintf(fp, txt_valid_not_before, name);
+				PRINT_VALID_BEFORE(name);
 			}
 
 			asn1 = X509_get0_notAfter(cert);
 			result = ASN1_TIME_to_tm(asn1, &tm);
 			if (result == 1) {
 				result = my_strftime(name, sizeof(name), "%Y-%m-%dT%H:%M%z", &tm);
-				if (result < 0)
-					my_strncpy(name, "<formatting error>", sizeof(name) - 1);
-				fprintf(fp, txt_valid_not_after, name);
+				PRINT_VALID_AFTER(name);
 			}
 		}
 	}
@@ -943,6 +936,10 @@ err_cert:
 }
 
 
+#undef PRINT_VALID_AFTER
+#undef PRINT_VALID_BEFORE
+
+
 #ifdef USE_OPENSSL
 static void
 show_errors(

More information about the tin-dev mailing list