[geary/wip/713247-tls] Working w/ faked code path



commit 2072df42ae5810704ca6309ea9a859d090c150ce
Author: Jim Nelson <jim yorba org>
Date:   Tue Aug 26 18:20:21 2014 -0700

    Working w/ faked code path

 debian/control                                     |    6 +-
 po/POTFILES.in                                     |    1 +
 src/CMakeLists.txt                                 |    4 +-
 src/client/application/geary-controller.vala       |   22 +++
 src/client/dialogs/certificate-warning-dialog.vala |   58 ++++++++
 src/engine/api/geary-endpoint.vala                 |    6 +-
 ui/CMakeLists.txt                                  |    1 +
 ui/certificate_warning_dialog.glade                |  154 ++++++++++++++++++++
 8 files changed, 247 insertions(+), 5 deletions(-)
---
diff --git a/debian/control b/debian/control
index 9896e11..894b506 100644
--- a/debian/control
+++ b/debian/control
@@ -20,7 +20,8 @@ Build-Depends: debhelper (>= 8),
  intltool,
  libgirepository1.0-dev (>= 1.32.0),
  desktop-file-utils,
- gnome-doc-utils
+ gnome-doc-utils,
+ libgcr-3-dev
 Standards-Version: 3.8.3
 Homepage: http://www.yorba.org
 
@@ -38,7 +39,8 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  libgmime-2.6-0 (>= 2.6.0),
  libsecret-1-0 (>= 0.11),
  libmessaging-menu0 (>= 12.10.2),
- libunity9 (>= 5.12.0)
+ libunity9 (>= 5.12.0),
+ libgcr-3-1
 Description: Email client
  Geary is an email client built for the GNOME desktop environment.  It
  allows you to read and send email with a simple, modern interface.
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 5983043..b770d1a 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -48,6 +48,7 @@ src/client/conversation-viewer/conversation-viewer.vala
 src/client/conversation-viewer/conversation-web-view.vala
 src/client/dialogs/alert-dialog.vala
 src/client/dialogs/attachment-dialog.vala
+src/client/dialogs/certificate-warning-dialog.vala
 src/client/dialogs/password-dialog.vala
 src/client/dialogs/preferences-dialog.vala
 src/client/dialogs/upgrade-dialog.vala
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 9330c53..cc3a5d9 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -347,6 +347,7 @@ client/conversation-viewer/conversation-web-view.vala
 
 client/dialogs/alert-dialog.vala
 client/dialogs/attachment-dialog.vala
+client/dialogs/certificate-warning-dialog.vala
 client/dialogs/password-dialog.vala
 client/dialogs/preferences-dialog.vala
 client/dialogs/upgrade-dialog.vala
@@ -531,6 +532,7 @@ pkg_check_modules(DEPS REQUIRED
     gmime-2.6>=2.6.0
     libsecret-1>=0.11
     libxml-2.0>=2.7.8
+    gcr-3
     ${EXTRA_CLIENT_PKG_CONFIG}
 )
 
@@ -541,7 +543,7 @@ set(ENGINE_PACKAGES
 # webkitgtk-3.0 is listed as a custom VAPI (below) to ensure it's treated as a dependency and
 # built before compilation
 set(CLIENT_PACKAGES
-    gtk+-3.0 libsecret-1 libsoup-2.4 libnotify libcanberra ${EXTRA_CLIENT_PACKAGES}
+    gtk+-3.0 libsecret-1 libsoup-2.4 libnotify libcanberra gcr-3 ${EXTRA_CLIENT_PACKAGES}
 )
 
 set(CONSOLE_PACKAGES
diff --git a/src/client/application/geary-controller.vala b/src/client/application/geary-controller.vala
index b6b3446..60b3379 100644
--- a/src/client/application/geary-controller.vala
+++ b/src/client/application/geary-controller.vala
@@ -503,6 +503,28 @@ public class GearyController : Geary.BaseObject {
     private void on_tls_warnings_detected(Geary.AccountInformation account_information,
         Geary.Endpoint endpoint, Geary.Endpoint.SecurityType security, TlsConnection cx,
         Geary.Service service, TlsCertificateFlags warnings) {
+        prompt_tls_warning_async.begin(account_information, endpoint, security, cx, service, warnings);
+    }
+    
+    private Geary.Nonblocking.Mutex tls_prompt_mutex = new Geary.Nonblocking.Mutex();
+    
+    private async void prompt_tls_warning_async(Geary.AccountInformation account_information,
+        Geary.Endpoint endpoint, Geary.Endpoint.SecurityType security, TlsConnection cx,
+        Geary.Service service, TlsCertificateFlags warnings) {
+        try {
+            int token = yield tls_prompt_mutex.claim_async();
+            
+            if (endpoint.trust_host)
+                return;
+            
+            CertificateWarningDialog dialog = new CertificateWarningDialog(main_window, warnings);
+            if (dialog.run())
+                endpoint.trust_host = true;
+            
+            tls_prompt_mutex.release(ref token);
+        } catch (Error err) {
+            warning("Unable to prompt for certificate security warning: %s", err.message);
+        }
     }
     
     private void create_account() {
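Review bot: The early `return` under `if (endpoint.trust_host)` leaves `prompt_tls_warning_async` without calling `tls_prompt_mutex.release(ref token)`, so the claimed token is never handed back. Every later certificate prompt would then presumably wait in `claim_async()` indefinitely. Release on that path too, e.g. `if (endpoint.trust_host) { tls_prompt_mutex.release(ref token); return; }`, or invert the test to `if (!endpoint.trust_host) { … }` around the dialog so the single release is reached either way. A short comment on `tls_prompt_mutex` stating that it serialises prompts so a second warning for an already-trusted endpoint is skipped would also help the next reader.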
diff --git a/src/client/dialogs/certificate-warning-dialog.vala 
b/src/client/dialogs/certificate-warning-dialog.vala
new file mode 100644
index 0000000..d4a0bf1
--- /dev/null
+++ b/src/client/dialogs/certificate-warning-dialog.vala
@@ -0,0 +1,58 @@
+/* Copyright 2014 Yorba Foundation
+ *
+ * This software is licensed under the GNU Lesser General Public License
+ * (version 2.1 or later).  See the COPYING file in this distribution.
+ */
+
+public class CertificateWarningDialog {
+    private const string BULLET = "&#8226; ";
+    
+    private Gtk.Dialog dialog;
+    private Gtk.Label warnings_label;
+    
+    public CertificateWarningDialog(Gtk.Window? parent, TlsCertificateFlags warnings) {
+        Gtk.Builder builder = GearyApplication.instance.create_builder("certificate_warning_dialog.glade");
+        
+        dialog = (Gtk.Dialog) builder.get_object("CertificateWarningDialog");
+        warnings_label = (Gtk.Label) builder.get_object("warnings_label");
+        
+        dialog.transient_for = parent;
+        dialog.modal = true;
+        
+        warnings_label.label = generate_warning_list(warnings);
+        warnings_label.use_markup = true;
+    }
+    
+    private static string generate_warning_list(TlsCertificateFlags warnings) {
+        StringBuilder builder = new StringBuilder();
+         
+        if ((warnings & TlsCertificateFlags.UNKNOWN_CA) != 0)
+            builder.append(BULLET + _("The server's signing certificate authority is unknown.\n"));
+        
+        if ((warnings & TlsCertificateFlags.BAD_IDENTITY) != 0)
+            builder.append(BULLET + _("The server's identity does not match the identity in the 
certificate.\n"));
+        
+        if ((warnings & TlsCertificateFlags.EXPIRED) != 0)
+            builder.append(BULLET + _("The server's certificate has expired.\n"));
+        
+        if ((warnings & TlsCertificateFlags.REVOKED) != 0)
+            builder.append(BULLET + _("The server's certificate has been revoked and is now invalid.\n"));
+        
+        if ((warnings & TlsCertificateFlags.INSECURE) != 0)
+            builder.append(BULLET + _("The server's certificate is considered insecure.\n"));
+        
+        if ((warnings & TlsCertificateFlags.GENERIC_ERROR) != 0)
+            builder.append(BULLET + _("An error has occurred processing the server's certificate.\n"));
+        
+        return builder.str;
+    }
+    
+    public bool run() {
+        dialog.show_all();
+        int response = dialog.run();
+        dialog.destroy();
+        
+        return response == 1;
+    }
+}
+
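Review bot: The constructor receives only `TlsCertificateFlags warnings`, so the prompt never names the host or service and shows nothing about the certificate (subject, issuer, fingerprint, validity dates). The user is asked to trust a server they cannot identify. Consider passing the endpoint and the `TlsCertificate` into `CertificateWarningDialog` and showing them above the warning list. `generate_warning_list()` has no branch for `TlsCertificateFlags.NOT_ACTIVATED`, so a not-yet-valid certificate yields an empty list under "The following security warnings were detected". `REVOKED` is offered for override like any other flag, which deserves at least a comment explaining why. In `run()`, `response == 1` silently depends on `<action-widget response="1">` in the glade file; a named constant such as `private const int RESPONSE_TRUST = 1;` would make that coupling visible.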
diff --git a/src/engine/api/geary-endpoint.vala b/src/engine/api/geary-endpoint.vala
index c8226d7..876e1fd 100644
--- a/src/engine/api/geary-endpoint.vala
+++ b/src/engine/api/geary-endpoint.vala
@@ -44,6 +44,7 @@ public class Geary.Endpoint : BaseObject {
     public TlsCertificateFlags tls_validation_flags { get; set; default = TlsCertificateFlags.VALIDATE_ALL; }
     public TlsCertificateFlags tls_validation_warnings { get; private set; default = 0; }
     public bool force_ssl3 { get; set; default = false; }
+    public bool trust_host { get; set; default = false; }
     
     public bool is_ssl { get {
         return flags.is_all_set(Flags.SSL);
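Review bot: `trust_host` is a single public read/write bool on the endpoint, and the later hunk short-circuits on it (`if (trust_host) return true;`). Once set, every subsequent handshake on this endpoint is accepted whatever certificate is presented and whatever flags are raised. A decision made for one self-signed certificate therefore also covers a different or `REVOKED` certificate later. The decision should be bound to what the user actually saw: keep the accepted certificate and flag set, e.g. `public TlsCertificate? trusted_cert { get; set; default = null; }`, and return true only on a match such as `trusted_cert != null && cert.is_same(trusted_cert)`, assuming the certificate is in scope at that check, which the hunk does not show. If the bool stays, a doc comment on the property should say that setting it disables all certificate validation for the endpoint, and for how long.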
@@ -54,7 +55,6 @@ public class Geary.Endpoint : BaseObject {
     } }
     
     private SocketClient? socket_client = null;
-    private bool tls_warnings_accepted = false;
     
     public signal void tls_warnings_detected(SecurityType security, TlsConnection cx,
         TlsCertificateFlags tls_warnings);
@@ -118,6 +118,8 @@ public class Geary.Endpoint : BaseObject {
             tls_cx.accept_certificate.connect(on_accept_starttls_certificate);
         else
             tls_cx.accept_certificate.connect(on_accept_ssl_certificate);
+        
+        tls_warnings_detected(SecurityType.SSL, tls_cx, TlsCertificateFlags.UNKNOWN_CA);
     }
     
     private bool on_accept_starttls_certificate(TlsConnection cx, TlsCertificate cert, TlsCertificateFlags 
flags) {
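Review bot: The added `tls_warnings_detected(SecurityType.SSL, tls_cx, TlsCertificateFlags.UNKNOWN_CA);` fires on every TLS setup with a hard-coded security type and flag. It runs in both the STARTTLS and SSL branches and before any handshake result exists, so the user is prompted about a problem that was not detected. Because the controller's handler sets `endpoint.trust_host = true` when the user clicks through, answering this fabricated prompt turns off certificate checking for genuine warnings on the endpoint afterwards. The commit title marks this as a faked path, so it should sit behind a debug-only switch or be dropped before the branch is merged. Until then it should carry a marker such as `// TEST ONLY: forces the certificate prompt; remove before merge`. The enclosing method begins above the hunk.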
@@ -136,7 +138,7 @@ public class Geary.Endpoint : BaseObject {
         
         tls_validation_warnings = warnings;
         
-        if (tls_warnings_accepted)
+        if (trust_host)
             return true;
         
         tls_warnings_detected(security, cx, warnings);
diff --git a/ui/CMakeLists.txt b/ui/CMakeLists.txt
index b04dbe2..cdf0f7b 100644
--- a/ui/CMakeLists.txt
+++ b/ui/CMakeLists.txt
@@ -5,6 +5,7 @@ install(FILES account_list.glade DESTINATION ${UI_DEST})
 install(FILES account_cannot_remove.glade DESTINATION ${UI_DEST})
 install(FILES account_spinner.glade DESTINATION ${UI_DEST})
 install(FILES app_menu.interface DESTINATION ${UI_DEST})
+install(FILES certificate_warning_dialog.glade DESTINATION ${UI_DEST})
 install(FILES composer.glade DESTINATION ${UI_DEST})
 install(FILES composer_accelerators.ui DESTINATION ${UI_DEST})
 install(FILES find_bar.glade DESTINATION ${UI_DEST})
diff --git a/ui/certificate_warning_dialog.glade b/ui/certificate_warning_dialog.glade
new file mode 100644
index 0000000..da2cfaa
--- /dev/null
+++ b/ui/certificate_warning_dialog.glade
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Generated with glade 3.16.1 -->
+<interface>
+  <requires lib="gtk+" version="3.10"/>
+  <object class="GtkDialog" id="CertificateWarningDialog">
+    <property name="can_focus">False</property>
+    <property name="title" translatable="yes">Certificate Security Warning</property>
+    <property name="modal">True</property>
+    <property name="destroy_with_parent">True</property>
+    <property name="type_hint">dialog</property>
+    <property name="urgency_hint">True</property>
+    <child internal-child="vbox">
+      <object class="GtkBox" id="dialog-vbox1">
+        <property name="can_focus">False</property>
+        <property name="margin_left">8</property>
+        <property name="margin_right">8</property>
+        <property name="margin_top">8</property>
+        <property name="margin_bottom">8</property>
+        <property name="orientation">vertical</property>
+        <property name="spacing">2</property>
+        <child internal-child="action_area">
+          <object class="GtkButtonBox" id="dialog-action_area1">
+            <property name="can_focus">False</property>
+            <property name="valign">end</property>
+            <property name="margin_top">8</property>
+            <property name="layout_style">end</property>
+            <child>
+              <object class="GtkButton" id="dont_trust_button">
+                <property name="label" translatable="yes">_Don't trust this host</property>
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="receives_default">True</property>
+                <property name="use_underline">True</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">True</property>
+                <property name="position">0</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkButton" id="trust_button">
+                <property name="label" translatable="yes">_Trust this host</property>
+                <property name="visible">True</property>
+                <property name="can_focus">True</property>
+                <property name="receives_default">True</property>
+                <property name="use_underline">True</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">True</property>
+                <property name="position">1</property>
+              </packing>
+            </child>
+          </object>
+          <packing>
+            <property name="expand">False</property>
+            <property name="fill">True</property>
+            <property name="pack_type">end</property>
+            <property name="position">0</property>
+          </packing>
+        </child>
+        <child>
+          <object class="GtkBox" id="box1">
+            <property name="visible">True</property>
+            <property name="can_focus">False</property>
+            <property name="orientation">vertical</property>
+            <property name="spacing">4</property>
+            <child>
+              <object class="GtkBox" id="box2">
+                <property name="visible">True</property>
+                <property name="can_focus">False</property>
+                <property name="spacing">6</property>
+                <child>
+                  <object class="GtkImage" id="image1">
+                    <property name="visible">True</property>
+                    <property name="can_focus">False</property>
+                    <property name="icon_name">security-high-symbolic</property>
+                    <property name="icon_size">6</property>
+                  </object>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">True</property>
+                    <property name="position">0</property>
+                  </packing>
+                </child>
+                <child>
+                  <object class="GtkLabel" id="label1">
+                    <property name="visible">True</property>
+                    <property name="can_focus">False</property>
+                    <property name="label" translatable="yes">Security Warning</property>
+                    <attributes>
+                      <attribute name="weight" value="bold"/>
+                    </attributes>
+                  </object>
+                  <packing>
+                    <property name="expand">False</property>
+                    <property name="fill">True</property>
+                    <property name="position">1</property>
+                  </packing>
+                </child>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">True</property>
+                <property name="position">0</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkLabel" id="label2">
+                <property name="visible">True</property>
+                <property name="can_focus">False</property>
+                <property name="margin_top">8</property>
+                <property name="xalign">0</property>
+                <property name="label" translatable="yes">The following security warnings were detected 
attempting to verify the server's identity:</property>
+                <property name="wrap">True</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">True</property>
+                <property name="position">1</property>
+              </packing>
+            </child>
+            <child>
+              <object class="GtkLabel" id="warnings_label">
+                <property name="visible">True</property>
+                <property name="can_focus">False</property>
+                <property name="margin_left">16</property>
+                <property name="xalign">0</property>
+                <property name="label">(empty)</property>
+                <property name="wrap">True</property>
+                <property name="max_width_chars">80</property>
+              </object>
+              <packing>
+                <property name="expand">False</property>
+                <property name="fill">True</property>
+                <property name="position">2</property>
+              </packing>
+            </child>
+          </object>
+          <packing>
+            <property name="expand">False</property>
+            <property name="fill">True</property>
+            <property name="position">1</property>
+          </packing>
+        </child>
+      </object>
+    </child>
+    <action-widgets>
+      <action-widget response="0">dont_trust_button</action-widget>
+      <action-widget response="1">trust_button</action-widget>
+    </action-widgets>
+  </object>
+</interface>

