[evolution] Bug #699797 - Verify SSL trust after redirection
- From: Milan Crha <mcrha src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution] Bug #699797 - Verify SSL trust after redirection
- Date: Fri, 18 Apr 2014 15:49:27 +0000 (UTC)
commit 192a2f785e70c7e5c2a3a7d311098a35ad93a63a
Author: Matt McCutchen <matt mattmccutchen net>
Date: Fri Apr 18 17:49:03 2014 +0200
Bug #699797 - Verify SSL trust after redirection
modules/cal-config-caldav/e-caldav-chooser.c | 97 ++++----------------------
1 files changed, 13 insertions(+), 84 deletions(-)
---
diff --git a/modules/cal-config-caldav/e-caldav-chooser.c b/modules/cal-config-caldav/e-caldav-chooser.c
index c0a96ec..77035c1 100644
--- a/modules/cal-config-caldav/e-caldav-chooser.c
+++ b/modules/cal-config-caldav/e-caldav-chooser.c
@@ -100,7 +100,8 @@ static void caldav_chooser_get_collection_details
(SoupSession *session,
SoupMessage *message,
const gchar *path_or_uri,
- GSimpleAsyncResult *simple);
+ GSimpleAsyncResult *simple,
+ Context *context);
G_DEFINE_DYNAMIC_TYPE_EXTENDED (
ECaldavChooser,
@@ -179,35 +180,6 @@ context_free (Context *context)
g_slice_free (Context, context);
}
-static ETrustPromptResponse
-trust_prompt_sync (const ENamedParameters *parameters,
- GCancellable *cancellable,
- GError **error)
-{
- EUserPrompter *prompter;
- gint response;
-
- g_return_val_if_fail (parameters != NULL, E_TRUST_PROMPT_RESPONSE_UNKNOWN);
-
- prompter = e_user_prompter_new ();
- g_return_val_if_fail (prompter != NULL, E_TRUST_PROMPT_RESPONSE_UNKNOWN);
-
- response = e_user_prompter_extension_prompt_sync (prompter, "ETrustPrompt::trust-prompt", parameters,
NULL, cancellable, error);
-
- g_object_unref (prompter);
-
- if (response == 0)
- return E_TRUST_PROMPT_RESPONSE_REJECT;
- if (response == 1)
- return E_TRUST_PROMPT_RESPONSE_ACCEPT;
- if (response == 2)
- return E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY;
- if (response == -1)
- return E_TRUST_PROMPT_RESPONSE_REJECT_TEMPORARILY;
-
- return E_TRUST_PROMPT_RESPONSE_UNKNOWN;
-}
-
static void
caldav_chooser_redirect (SoupMessage *message,
SoupSession *session)
@@ -907,7 +879,8 @@ static void
caldav_chooser_get_collection_details (SoupSession *session,
SoupMessage *message,
const gchar *path_or_uri,
- GSimpleAsyncResult *simple)
+ GSimpleAsyncResult *simple,
+ Context *context)
{
SoupURI *soup_uri;
@@ -937,6 +910,8 @@ caldav_chooser_get_collection_details (SoupSession *session,
NS_ICAL, XC ("calendar-color"),
NULL);
+ e_soup_ssl_trust_connect (message, context->source, context->registry, context->cancellable);
+
/* This takes ownership of the message. */
soup_session_queue_message (
session, message, (SoupSessionCallback)
@@ -960,34 +935,6 @@ caldav_chooser_calendar_home_set_cb (SoupSession *session,
context = g_simple_async_result_get_op_res_gpointer (simple);
- if (message->status_code == SOUP_STATUS_SSL_FAILED) {
- ETrustPromptResponse response;
- ENamedParameters *parameters;
- ESourceWebdav *extension;
-
- extension = e_source_get_extension (context->source, E_SOURCE_EXTENSION_WEBDAV_BACKEND);
- parameters = e_named_parameters_new ();
-
- response = e_source_webdav_prepare_ssl_trust_prompt (extension, message, context->registry,
parameters);
- if (response == E_TRUST_PROMPT_RESPONSE_UNKNOWN) {
- response = trust_prompt_sync (parameters, context->cancellable, NULL);
- if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN)
- e_source_webdav_store_ssl_trust_prompt (extension, message, response);
- }
-
- e_named_parameters_free (parameters);
-
- if (response == E_TRUST_PROMPT_RESPONSE_ACCEPT ||
- response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY) {
- g_object_set (context->session, SOUP_SESSION_SSL_STRICT, FALSE, NULL);
-
- soup_session_queue_message (
- context->session, g_object_ref (message), (SoupSessionCallback)
- caldav_chooser_calendar_home_set_cb, simple);
- return;
- }
- }
-
doc = caldav_chooser_parse_xml (message, "multistatus", &error);
/* If we were cancelled then we're in a GCancellable::cancelled
@@ -1127,7 +1074,7 @@ get_collection_details:
xmlFreeDoc (doc);
caldav_chooser_get_collection_details (
- session, message, calendar_home_set, simple);
+ session, message, calendar_home_set, simple, context);
g_free (calendar_home_set);
@@ -1149,6 +1096,8 @@ retry_propfind:
NS_CALDAV, XC ("calendar-user-address-set"),
NULL);
+ e_soup_ssl_trust_connect (message, context->source, context->registry, context->cancellable);
+
/* This takes ownership of the message. */
soup_session_queue_message (
session, message, (SoupSessionCallback)
@@ -1408,31 +1357,9 @@ caldav_chooser_try_password_sync (ESourceAuthenticator *auth,
g_object_ref (session),
(GDestroyNotify) g_object_unref);
- g_object_set (session, SOUP_SESSION_SSL_STRICT, TRUE, NULL);
- g_object_set (chooser->priv->session, SOUP_SESSION_SSL_STRICT, TRUE, NULL);
-
- if (soup_session_send_message (session, message) == SOUP_STATUS_SSL_FAILED) {
- ETrustPromptResponse response;
- ENamedParameters *parameters;
+ e_soup_ssl_trust_connect (message, source, chooser->priv->registry, cancellable);
- parameters = e_named_parameters_new ();
-
- response = e_source_webdav_prepare_ssl_trust_prompt (extension, message,
chooser->priv->registry, parameters);
- if (response == E_TRUST_PROMPT_RESPONSE_UNKNOWN) {
- response = trust_prompt_sync (parameters, cancellable, NULL);
- if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN)
- e_source_webdav_store_ssl_trust_prompt (extension, message, response);
- }
-
- e_named_parameters_free (parameters);
-
- if (response == E_TRUST_PROMPT_RESPONSE_ACCEPT ||
- response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY) {
- g_object_set (session, SOUP_SESSION_SSL_STRICT, FALSE, NULL);
- g_object_set (chooser->priv->session, SOUP_SESSION_SSL_STRICT, FALSE, NULL);
- soup_session_send_message (session, message);
- }
- }
+ soup_session_send_message (session, message);
if (cancel_id > 0)
g_cancellable_disconnect (cancellable, cancel_id);
@@ -1618,6 +1545,8 @@ e_caldav_chooser_populate (ECaldavChooser *chooser,
NS_WEBDAV, XC ("principal-URL"),
NULL);
+ e_soup_ssl_trust_connect (message, source, context->registry, context->cancellable);
+
/* This takes ownership of the message. */
soup_session_queue_message (
context->session, message, (SoupSessionCallback)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]