[geary/wip/713247-tls] Don't retry continuously if host is untrusted
- From: Jim Nelson <jnelson src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [geary/wip/713247-tls] Don't retry continuously if host is untrusted
- Date: Wed, 27 Aug 2014 23:01:27 +0000 (UTC)
commit 1abc7595169c5d04b0c00fdc962715f0cb2ea402
Author: Jim Nelson <jim yorba org>
Date: Wed Aug 27 14:24:07 2014 -0700
Don't retry continuously if host is untrusted
src/client/dialogs/certificate-warning-dialog.vala | 4 +-
src/engine/api/geary-account-information.vala | 14 ++++++++
src/engine/api/geary-endpoint.vala | 2 +
.../transport/imap-client-session-manager.vala | 31 ++++++++++++++++-
ui/certificate_warning_dialog.glade | 36 +++++++++++++++-----
5 files changed, 75 insertions(+), 12 deletions(-)
---
diff --git a/src/client/dialogs/certificate-warning-dialog.vala
b/src/client/dialogs/certificate-warning-dialog.vala
index 079cda9..816402c 100644
--- a/src/client/dialogs/certificate-warning-dialog.vala
+++ b/src/client/dialogs/certificate-warning-dialog.vala
@@ -27,8 +27,8 @@ public class CertificateWarningDialog {
dialog.transient_for = parent;
dialog.modal = true;
- top_label.label = _("The identity of the mail server at %s could not be verified:").printf(
- endpoint.remote_address.hostname);
+ top_label.label = _("The identity of the mail server at %s:%u could not be verified:").printf(
+ endpoint.remote_address.hostname, endpoint.remote_address.port);
warnings_label.label = generate_warning_list(warnings);
warnings_label.use_markup = true;
diff --git a/src/engine/api/geary-account-information.vala b/src/engine/api/geary-account-information.vala
index 9901f60..bf49023 100644
--- a/src/engine/api/geary-account-information.vala
+++ b/src/engine/api/geary-account-information.vala
@@ -462,6 +462,13 @@ public class Geary.AccountInformation : BaseObject {
}
}
+ /**
+ * Returns the { link Endpoint} for the account's IMAP service.
+ *
+ * The Endpoint instance is guaranteed to be the same for the lifetime of the
+ * { link AccountInformation} instance, which is in turn guaranteed to be the same for the
+ * duration of the application session.
+ */
public Endpoint get_imap_endpoint() {
if (imap_endpoint != null)
return imap_endpoint;
@@ -504,6 +511,13 @@ public class Geary.AccountInformation : BaseObject {
untrusted_host(endpoint, security, cx, Service.IMAP, warnings);
}
+ /**
+ * Returns the { link Endpoint} for the account's SMTP service.
+ *
+ * The Endpoint instance is guaranteed to be the same for the lifetime of the
+ * { link AccountInformation} instance, which is in turn guaranteed to be the same for the
+ * duration of the application session.
+ */
public Endpoint get_smtp_endpoint() {
if (smtp_endpoint != null)
return smtp_endpoint;
diff --git a/src/engine/api/geary-endpoint.vala b/src/engine/api/geary-endpoint.vala
index 1fc8ffa..bbbd0a1 100644
--- a/src/engine/api/geary-endpoint.vala
+++ b/src/engine/api/geary-endpoint.vala
@@ -10,6 +10,8 @@
*/
public class Geary.Endpoint : BaseObject {
+ public const string PROP_TRUST_UNTRUSTED_HOST = "trust-untrusted-host";
+
[Flags]
public enum Flags {
NONE = 0,
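Review bot: `PROP_TRUST_UNTRUSTED_HOST` carries no comment tying it to the property it names, and nothing visible in this hunk keeps the two in sync. ClientSessionManager in this same commit passes the constant to `notify[...]`, so if the string ever stops matching the GObject name of `trust_untrusted_host`, the handler silently never runs and the session manager stays blocked after a certificate warning. A one-line comment would be enough: `// GObject name of the trust_untrusted_host property; keep in sync, used with notify[] by ClientSessionManager`. The class body continues outside the hunk.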
diff --git a/src/engine/imap/transport/imap-client-session-manager.vala
b/src/engine/imap/transport/imap-client-session-manager.vala
index 95528e7..c821d64 100644
--- a/src/engine/imap/transport/imap-client-session-manager.vala
+++ b/src/engine/imap/transport/imap-client-session-manager.vala
@@ -50,6 +50,7 @@ public class Geary.Imap.ClientSessionManager : BaseObject {
private Nonblocking.Mutex sessions_mutex = new Nonblocking.Mutex();
private Gee.HashSet<ClientSession> reserved_sessions = new Gee.HashSet<ClientSession>();
private bool authentication_failed = false;
+ private bool untrusted_host = false;
private uint authorized_session_error_retry_timeout_id = 0;
public signal void login_failed();
@@ -58,11 +59,19 @@ public class Geary.Imap.ClientSessionManager : BaseObject {
this.account_information = account_information;
account_information.notify["imap-credentials"].connect(on_imap_credentials_notified);
+ account_information.get_imap_endpoint().untrusted_host.connect(on_imap_untrusted_host);
+ account_information.get_imap_endpoint().notify[Endpoint.PROP_TRUST_UNTRUSTED_HOST].connect(
+ on_imap_trust_untrusted_host);
}
~ClientSessionManager() {
if (is_open)
warning("Destroying opened ClientSessionManager");
+
+ account_information.notify["imap-credentials"].disconnect(on_imap_credentials_notified);
+ account_information.get_imap_endpoint().untrusted_host.disconnect(on_imap_untrusted_host);
+ account_information.get_imap_endpoint().notify[Endpoint.PROP_TRUST_UNTRUSTED_HOST].disconnect(
+ on_imap_trust_untrusted_host);
}
public async void open_async(Cancellable? cancellable) throws Error {
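Review bot: The constructor and destructor call `account_information.get_imap_endpoint()` afresh for every connect and disconnect, so the pairing is only correct while the getter returns the same instance each time. The doc comment added in geary-account-information.vala promises that, but the getter shown there appears to create the endpoint lazily, and the destructor is an awkward place to depend on it. If a different instance were ever returned, the old endpoint would keep handlers pointing at a finalized manager. Storing the endpoint once in the constructor, e.g. `imap_endpoint = account_information.get_imap_endpoint();`, and using that field for both connect and disconnect would make the pairing self-evident. The body of open_async is outside the hunk.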
@@ -136,7 +145,7 @@ public class Geary.Imap.ClientSessionManager : BaseObject {
return;
}
- while ((sessions.size + pending_sessions) < min_pool_size && !authentication_failed && is_open)
+ while ((sessions.size + pending_sessions) < min_pool_size && !authentication_failed && is_open &&
!untrusted_host)
schedule_new_authorized_session();
try {
@@ -184,6 +193,9 @@ public class Geary.Imap.ClientSessionManager : BaseObject {
if (authentication_failed)
throw new ImapError.UNAUTHENTICATED("Invalid ClientSessionManager credentials");
+ if (untrusted_host)
+ throw new ImapError.UNAUTHENTICATED("Untrusted host %s",
account_information.get_imap_endpoint().to_string());
+
ClientSession new_session = new ClientSession(account_information.get_imap_endpoint());
// add session to pool before launching all the connect activity so error cases can properly
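Review bot: The new `untrusted_host` check throws `ImapError.UNAUTHENTICATED`, the same code used two lines above for bad credentials, so callers cannot tell a certificate trust failure from a login failure. If any caller reacts to UNAUTHENTICATED by prompting for the password again (callers are not visible here), the user would be asked to re-enter credentials for a server whose identity was just rejected. A distinct error code for the TLS trust case would keep the two paths apart. Failing that, a comment at the throw should state that reusing UNAUTHENTICATED is deliberate. The enclosing method starts and ends outside the hunk.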
@@ -427,6 +439,23 @@ public class Geary.Imap.ClientSessionManager : BaseObject {
return removed;
}
+ private void on_imap_untrusted_host() {
+ // this is called any time trust issues are detected, so immediately clutch in to stop
+ // retries
+ untrusted_host = true;
+ }
+
+ private void on_imap_trust_untrusted_host() {
+ // fired when the trust_untrusted_host property changes, indicating if the user has agreed
+ // to ignore the trust problems and continue connecting
+ if (untrusted_host && account_information.get_imap_endpoint().trust_untrusted_host == Trillian.TRUE)
{
+ untrusted_host = false;
+
+ if (is_open)
+ adjust_session_pool.begin();
+ }
+ }
+
/**
* Use only for debugging and logging.
*/
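Review bot: `on_imap_untrusted_host()` sets the latch unconditionally and `on_imap_trust_untrusted_host()` clears it only when the property becomes `Trillian.TRUE`, so within this class the only way to resume connecting after a certificate warning is for the user to accept the certificate. A warning raised on a hostile network therefore persists after the user moves to a trusted one, which nudges them toward choosing "Trust". Consider also clearing the flag on an explicit reconnect or when the manager is reopened, and skipping the set when trust is already granted: `if (account_information.get_imap_endpoint().trust_untrusted_host != Trillian.TRUE) untrusted_host = true;`. Whether Endpoint can emit the signal while trust is already TRUE is not visible here.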
diff --git a/ui/certificate_warning_dialog.glade b/ui/certificate_warning_dialog.glade
index 29e1bcf..5e832bf 100644
--- a/ui/certificate_warning_dialog.glade
+++ b/ui/certificate_warning_dialog.glade
@@ -25,8 +25,8 @@
<property name="margin_top">8</property>
<property name="layout_style">end</property>
<child>
- <object class="GtkButton" id="dont_trust_button">
- <property name="label" translatable="yes">_Don't Trust This Host</property>
+ <object class="GtkButton" id="always_trust_button">
+ <property name="label" translatable="yes">_Always Trust This Server</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">True</property>
@@ -40,7 +40,7 @@
</child>
<child>
<object class="GtkButton" id="trust_button">
- <property name="label" translatable="yes">_Trust This Host</property>
+ <property name="label" translatable="yes">_Trust This Server</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">True</property>
@@ -53,8 +53,8 @@
</packing>
</child>
<child>
- <object class="GtkButton" id="always_trust_button">
- <property name="label" translatable="yes">_Always Trust This Host</property>
+ <object class="GtkButton" id="dont_trust_button">
+ <property name="label" translatable="yes">_Don't Trust This Server</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">True</property>
@@ -157,7 +157,7 @@
<property name="can_focus">False</property>
<property name="valign">end</property>
<property name="xalign">0</property>
- <property name="label" translatable="yes">Selecting "Don't Trust This Host" will cause Geary
to exit if you have no other registered email accounts.</property>
+ <property name="label" translatable="yes">Selecting "Don't Trust This Server" will cause
Geary to exit if you have no other registered email accounts.</property>
<property name="wrap">True</property>
<attributes>
<attribute name="weight" value="bold"/>
@@ -182,7 +182,25 @@
<property name="expand">False</property>
<property name="fill">True</property>
<property name="pack_type">end</property>
- <property name="position">4</property>
+ <property name="position">3</property>
+ </packing>
+ </child>
+ <child>
+ <object class="GtkLabel" id="trust_label">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Selecting "Trust This Server" or "Always Trust
This Server" may cause your email username and password to be transmitted insecurely.</property>
+ <property name="wrap">True</property>
+ <attributes>
+ <attribute name="weight" value="bold"/>
+ </attributes>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">end</property>
+ <property name="position">5</property>
</packing>
</child>
</object>
@@ -195,9 +213,9 @@
</object>
</child>
<action-widgets>
- <action-widget response="0">dont_trust_button</action-widget>
- <action-widget response="1">trust_button</action-widget>
<action-widget response="2">always_trust_button</action-widget>
+ <action-widget response="1">trust_button</action-widget>
+ <action-widget response="0">dont_trust_button</action-widget>
</action-widgets>
</object>
</interface>