[geary/wip/20-cert-pinning: 3/5] Tidy up all of the various untrusted_host signals
- From: Michael Gratton <mjog src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [geary/wip/20-cert-pinning: 3/5] Tidy up all of the various untrusted_host signals
- Date: Sat, 29 Dec 2018 02:53:44 +0000 (UTC)
commit 11f16f744680ec7f208885a09b9a175ed7f3f5d9
Author: Michael Gratton <mike vee net>
Date: Thu Dec 27 16:56:11 2018 +1100
Tidy up all of the various untrusted_host signals
Remove it from Geary.Engine, since it just adds complexity without
making API client use any easier. Replace the TLS negotiate method on
the remaining versions of the signal with the Endpoint, since it's handy
to have and the negotiation method can be obtained from that if needed.
src/client/application/geary-controller.vala | 21 ++++++++++++---------
src/engine/api/geary-account-information.vala | 11 +++++++----
src/engine/api/geary-client-service.vala | 4 ++--
src/engine/api/geary-endpoint.vala | 21 +++++++++++++--------
src/engine/api/geary-engine.vala | 23 -----------------------
5 files changed, 34 insertions(+), 46 deletions(-)
---
diff --git a/src/client/application/geary-controller.vala b/src/client/application/geary-controller.vala
index 926ea956..1861d0d0 100644
--- a/src/client/application/geary-controller.vala
+++ b/src/client/application/geary-controller.vala
@@ -259,7 +259,6 @@ public class GearyController : Geary.BaseObject {
enable_message_buttons(false);
engine.account_available.connect(on_account_available);
- engine.untrusted_host.connect(on_untrusted_host);
// Connect to various UI signals.
main_window.conversation_list_view.conversations_selected.connect(on_conversations_selected);
@@ -374,7 +373,6 @@ public class GearyController : Geary.BaseObject {
this.open_cancellable = null;
Geary.Engine.instance.account_available.disconnect(on_account_available);
- Geary.Engine.instance.untrusted_host.disconnect(on_untrusted_host);
// Release folder and conversations in the main window
on_conversations_selected(new Gee.HashSet<Geary.App.Conversation>());
@@ -605,6 +603,7 @@ public class GearyController : Geary.BaseObject {
}
private void open_account(Geary.Account account) {
+ account.information.untrusted_host.connect(on_untrusted_host);
account.report_problem.connect(on_report_problem);
connect_account_async.begin(account, cancellable_open_account);
@@ -630,6 +629,8 @@ public class GearyController : Geary.BaseObject {
cancel_folder();
}
+ info.untrusted_host.disconnect(on_untrusted_host);
+
// Stop showing errors when closing the account - the user
// doesn't care
context.account.report_problem.disconnect(on_report_problem);
@@ -638,13 +639,6 @@ public class GearyController : Geary.BaseObject {
}
}
- private void on_untrusted_host(Geary.AccountInformation account,
- Geary.ServiceInformation service,
- Geary.TlsNegotiationMethod method,
- TlsConnection cx) {
- this.prompt_untrusted_host_async.begin(account, service, method, cx);
- }
-
private async void
prompt_untrusted_host_async(Geary.AccountInformation account,
Geary.ServiceInformation service,
@@ -3004,6 +2998,15 @@ public class GearyController : Geary.BaseObject {
);
}
+ private void on_untrusted_host(Geary.AccountInformation account,
+ Geary.ServiceInformation service,
+ Geary.Endpoint endpoint,
+ TlsConnection cx) {
+ this.prompt_untrusted_host_async.begin(
+ account, service, endpoint.tls_method, cx
+ );
+ }
+
private void on_scan_completed() {
// Done scanning. Check if we have enough messages to fill
// the conversation list; if not, trigger a load_more();
diff --git a/src/engine/api/geary-account-information.vala b/src/engine/api/geary-account-information.vala
index de6d9b49..e5862417 100644
--- a/src/engine/api/geary-account-information.vala
+++ b/src/engine/api/geary-account-information.vala
@@ -211,13 +211,16 @@ public class Geary.AccountInformation : BaseObject {
/**
- * Emitted when a service has reported TLS certificate warnings.
+ * Emitted when an endpoint has reported TLS certificate warnings.
*
- * It is up to the caller to pin the certificate appropriately if
- * the user does not want to receive these warnings in the future.
+ * This signal is emitted when either of the incoming or outgoing
+ * endpoints emit the signal with the same name, which may be more
+ * convenient for clients.
+ *
+ * @see Endpoint.untrusted_host
*/
public signal void untrusted_host(ServiceInformation service,
- TlsNegotiationMethod method,
+ Endpoint endpoint,
GLib.TlsConnection cx);
/** Emitted when the account settings have changed. */
diff --git a/src/engine/api/geary-client-service.vala b/src/engine/api/geary-client-service.vala
index c0617205..e5c38e74 100644
--- a/src/engine/api/geary-client-service.vala
+++ b/src/engine/api/geary-client-service.vala
@@ -91,9 +91,9 @@ public abstract class Geary.ClientService : BaseObject {
throws GLib.Error;
- private void on_untrusted_host(TlsNegotiationMethod method,
+ private void on_untrusted_host(Endpoint remote,
GLib.TlsConnection cx) {
- this.account.untrusted_host(this.configuration, method, cx);
+ this.account.untrusted_host(this.configuration, remote, cx);
}
}
diff --git a/src/engine/api/geary-endpoint.vala b/src/engine/api/geary-endpoint.vala
index b1174c6c..a19bd2d7 100644
--- a/src/engine/api/geary-endpoint.vala
+++ b/src/engine/api/geary-endpoint.vala
@@ -130,18 +130,23 @@ public class Geary.Endpoint : BaseObject {
private SocketClient? socket_client = null;
+
/**
- * Fired when TLS certificate warnings are detected and the caller has not marked this
- * {@link Endpoint} as trusted via {@link trust_untrusted_host}.
+ * Emitted when unexpected TLS certificate warnings are detected.
+ *
+ * This occurs when a connection receives a TLS certificate
+ * warning and the caller has not marked this endpoint as trusted
+ * via {@link trust_untrusted_host}.
*
- * The connection will be closed when this is fired. The caller should query the user about
- * how to deal with the situation. If user wants to proceed, set {@link trust_untrusted_host}
- * to {@link Trillian.TRUE} and retry connection.
+ * The connection will be closed when this is fired. The caller
+ * should query the user about how to deal with the situation. If
+ * user wants to proceed, set {@link trust_untrusted_host} to
+ * {@link Trillian.TRUE} and retry connection.
*
+ * @see AccountInformation.untrusted_host
* @see tls_validation_warnings
*/
- public signal void untrusted_host(TlsNegotiationMethod method,
- GLib.TlsConnection cx);
+ public signal void untrusted_host(GLib.TlsConnection cx);
public Endpoint(GLib.SocketConnectable remote,
@@ -219,7 +224,7 @@ public class Geary.Endpoint : BaseObject {
return true;
// signal an issue has been detected and return false to deny the connection
- untrusted_host(this.tls_method, cx);
+ untrusted_host(cx);
return false;
}
diff --git a/src/engine/api/geary-engine.vala b/src/engine/api/geary-engine.vala
index b6e4d4bc..d173fb17 100644
--- a/src/engine/api/geary-engine.vala
+++ b/src/engine/api/geary-engine.vala
@@ -108,19 +108,6 @@ public class Geary.Engine : BaseObject {
*/
public signal void account_unavailable(AccountInformation account);
- /**
- * Emitted when a service has reported TLS certificate warnings.
- *
- * This may be fired during normal operation or while validating
- * the account information, in which case there is no {@link
- * Account} associated with it.
- *
- * @see AccountInformation.untrusted_host
- */
- public signal void untrusted_host(AccountInformation account,
- ServiceInformation service,
- TlsNegotiationMethod method,
- GLib.TlsConnection cx);
// Public so it can be tested
public Engine() {
@@ -407,7 +394,6 @@ public class Geary.Engine : BaseObject {
}
accounts.set(account.id, account);
- account.untrusted_host.connect(on_untrusted_host);
account_available(account);
}
@@ -427,8 +413,6 @@ public class Geary.Engine : BaseObject {
}
if (this.accounts.has_key(account.id)) {
- account.untrusted_host.disconnect(on_untrusted_host);
-
// Send the account-unavailable signal, account will be
// removed client side.
account_unavailable(account);
@@ -523,11 +507,4 @@ public class Geary.Engine : BaseObject {
return shared;
}
-
- private void on_untrusted_host(AccountInformation account,
- ServiceInformation service,
- TlsNegotiationMethod method,
- GLib.TlsConnection cx) {
- untrusted_host(account, service, method, cx);
- }
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]