Hi Garret, On Fri, Jul 16, 2004 at 08:05:43PM -0400, Garrett Kajmowicz wrote:
I am going to start by appologizing: this diff contains two separate items. I needed to do one to get the other to work, and I didn't want to risk having one patch getting applied before the other.
Anyways, two things done: 1) Added a function to dpiutils which does the complete read in from stdin for the dpi response tag and returns the option number selected. Please feel free to add comments about error return values and so forth.
2) Added *preliminary* error checking in the https dpi which notifies the user in the event that no certificate is presented or that the certificate is not verified. I will do a more thorough breakdown and other options once I know that this meets spec. Let me know if you prefer different wording on the messages as well.
In short, please review and commit.
OK, I reviewed it an made some changes (now on CVS). I pondered a long time whether to make a generic function for parsing dpip dialog answers. Something like: a_Dpiutil_dialog_parse_answer(...) To me it seems that according to the simplicity principle of API design, sticking with Get_attr_value() instead of one custom parsing function per each dpip command is better... The same logic applies to the a_Dpip_build_command() I was thinking of. The interface for sending data may survive though. Anyway, the most important point of this patch is that after applying the patch, it seems not to trust even paypal! For instance: https://www.paypal.com/en_US/i/icon/secure_lock_2.gif gives me the warning dialog. Is this OK? Cheers Jorge.- PS: For those using CVS, you can avoid the dialogs by setting 'retval = 0' in https.c.