[geary/wip/713247-tls] Getting there
- From: Jim Nelson <jnelson src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [geary/wip/713247-tls] Getting there
- Date: Wed, 27 Aug 2014 01:59:55 +0000 (UTC)
commit 634f6be8d2c5e2c046c4ce18a524c1d8c4408468
Author: Jim Nelson <jim yorba org>
Date: Tue Aug 26 18:59:56 2014 -0700
Getting there
po/POTFILES.in | 1 +
src/client/application/geary-controller.vala | 25 ++++++++++-
src/client/dialogs/certificate-warning-dialog.vala | 42 ++++++++++++++----
ui/certificate_warning_dialog.glade | 45 +++++++++++++++++---
4 files changed, 95 insertions(+), 18 deletions(-)
---
diff --git a/po/POTFILES.in b/po/POTFILES.in
index b770d1a..998dcd6 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -353,6 +353,7 @@ src/engine/util/util-trillian.vala
[type: gettext/glade]ui/account_list.glade
[type: gettext/glade]ui/account_spinner.glade
[type: gettext/glade]ui/app_menu.interface
+[type: gettext/glade]ui/certificate_warning_dialog.glade
[type: gettext/glade]ui/composer_accelerators.ui
[type: gettext/glade]ui/composer.glade
[type: gettext/glade]ui/find_bar.glade
diff --git a/src/client/application/geary-controller.vala b/src/client/application/geary-controller.vala
index 60b3379..30d205c 100644
--- a/src/client/application/geary-controller.vala
+++ b/src/client/application/geary-controller.vala
@@ -514,12 +514,31 @@ public class GearyController : Geary.BaseObject {
try {
int token = yield tls_prompt_mutex.claim_async();
+ // possible while waiting on mutex that this endpoint became trusted
if (endpoint.trust_host)
return;
- CertificateWarningDialog dialog = new CertificateWarningDialog(main_window, warnings);
- if (dialog.run())
- endpoint.trust_host = true;
+ CertificateWarningDialog dialog = new CertificateWarningDialog(main_window, endpoint,
+ warnings);
+ switch (dialog.run()) {
+ case CertificateWarningDialog.Result.TRUST:
+ endpoint.trust_host = true;
+ break;
+
+ case CertificateWarningDialog.Result.ALWAYS_TRUST:
+ endpoint.trust_host = true;
+ // TODO: Pin certificate
+ break;
+
+ default:
+ try {
+ Geary.Account account =
Geary.Engine.instance.get_account_instance(account_information);
+ close_account(account);
+ } catch (Error err) {
+ message("Unable to close account due to user trust issues: %s", err.message);
+ }
+ break;
+ }
tls_prompt_mutex.release(ref token);
} catch (Error err) {
diff --git a/src/client/dialogs/certificate-warning-dialog.vala
b/src/client/dialogs/certificate-warning-dialog.vala
index d4a0bf1..079cda9 100644
--- a/src/client/dialogs/certificate-warning-dialog.vala
+++ b/src/client/dialogs/certificate-warning-dialog.vala
@@ -5,20 +5,31 @@
*/
public class CertificateWarningDialog {
+ public enum Result {
+ DONT_TRUST,
+ TRUST,
+ ALWAYS_TRUST
+ }
+
private const string BULLET = "• ";
private Gtk.Dialog dialog;
+ private Gtk.Label top_label;
private Gtk.Label warnings_label;
- public CertificateWarningDialog(Gtk.Window? parent, TlsCertificateFlags warnings) {
+ public CertificateWarningDialog(Gtk.Window? parent, Geary.Endpoint endpoint, TlsCertificateFlags
warnings) {
Gtk.Builder builder = GearyApplication.instance.create_builder("certificate_warning_dialog.glade");
dialog = (Gtk.Dialog) builder.get_object("CertificateWarningDialog");
+ top_label = (Gtk.Label) builder.get_object("top_label");
warnings_label = (Gtk.Label) builder.get_object("warnings_label");
dialog.transient_for = parent;
dialog.modal = true;
+ top_label.label = _("The identity of the mail server at %s could not be verified:").printf(
+ endpoint.remote_address.hostname);
+
warnings_label.label = generate_warning_list(warnings);
warnings_label.use_markup = true;
}
@@ -27,32 +38,45 @@ public class CertificateWarningDialog {
StringBuilder builder = new StringBuilder();
if ((warnings & TlsCertificateFlags.UNKNOWN_CA) != 0)
- builder.append(BULLET + _("The server's signing certificate authority is unknown.\n"));
+ builder.append(BULLET + _("The server's certificate is not signed by a known authority") + "\n");
if ((warnings & TlsCertificateFlags.BAD_IDENTITY) != 0)
- builder.append(BULLET + _("The server's identity does not match the identity in the
certificate.\n"));
+ builder.append(BULLET + _("The server's identity does not match the identity in the
certificate") + "\n");
if ((warnings & TlsCertificateFlags.EXPIRED) != 0)
- builder.append(BULLET + _("The server's certificate has expired.\n"));
+ builder.append(BULLET + _("The server's certificate has expired") + "\n");
+
+ if ((warnings & TlsCertificateFlags.NOT_ACTIVATED) != 0)
+ builder.append(BULLET + _("The server's certificate has not been activated") + "\n");
if ((warnings & TlsCertificateFlags.REVOKED) != 0)
- builder.append(BULLET + _("The server's certificate has been revoked and is now invalid.\n"));
+ builder.append(BULLET + _("The server's certificate has been revoked and is now invalid") +
"\n");
if ((warnings & TlsCertificateFlags.INSECURE) != 0)
- builder.append(BULLET + _("The server's certificate is considered insecure.\n"));
+ builder.append(BULLET + _("The server's certificate is considered insecure") + "\n");
if ((warnings & TlsCertificateFlags.GENERIC_ERROR) != 0)
- builder.append(BULLET + _("An error has occurred processing the server's certificate.\n"));
+ builder.append(BULLET + _("An error has occurred processing the server's certificate") + "\n");
return builder.str;
}
- public bool run() {
+ public Result run() {
dialog.show_all();
int response = dialog.run();
dialog.destroy();
- return response == 1;
+ // these values are defined in the Glade file
+ switch (response) {
+ case 1:
+ return Result.TRUST;
+
+ case 2:
+ return Result.ALWAYS_TRUST;
+
+ default:
+ return Result.DONT_TRUST;
+ }
}
}
diff --git a/ui/certificate_warning_dialog.glade b/ui/certificate_warning_dialog.glade
index da2cfaa..317b000 100644
--- a/ui/certificate_warning_dialog.glade
+++ b/ui/certificate_warning_dialog.glade
@@ -26,7 +26,7 @@
<property name="layout_style">end</property>
<child>
<object class="GtkButton" id="dont_trust_button">
- <property name="label" translatable="yes">_Don't trust this host</property>
+ <property name="label" translatable="yes">_Don't Trust This Host</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">True</property>
@@ -40,7 +40,7 @@
</child>
<child>
<object class="GtkButton" id="trust_button">
- <property name="label" translatable="yes">_Trust this host</property>
+ <property name="label" translatable="yes">_Trust This Host</property>
<property name="visible">True</property>
<property name="can_focus">True</property>
<property name="receives_default">True</property>
@@ -52,6 +52,20 @@
<property name="position">1</property>
</packing>
</child>
+ <child>
+ <object class="GtkButton" id="always_trust_button">
+ <property name="label" translatable="yes">_Always Trust This Host</property>
+ <property name="visible">True</property>
+ <property name="can_focus">True</property>
+ <property name="receives_default">True</property>
+ <property name="use_underline">True</property>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="position">2</property>
+ </packing>
+ </child>
</object>
<packing>
<property name="expand">False</property>
@@ -88,7 +102,7 @@
<object class="GtkLabel" id="label1">
<property name="visible">True</property>
<property name="can_focus">False</property>
- <property name="label" translatable="yes">Security Warning</property>
+ <property name="label" translatable="yes">Untrusted Connection</property>
<attributes>
<attribute name="weight" value="bold"/>
</attributes>
@@ -107,12 +121,12 @@
</packing>
</child>
<child>
- <object class="GtkLabel" id="label2">
+ <object class="GtkLabel" id="top_label">
<property name="visible">True</property>
<property name="can_focus">False</property>
<property name="margin_top">8</property>
<property name="xalign">0</property>
- <property name="label" translatable="yes">The following security warnings were detected
attempting to verify the server's identity:</property>
+ <property name="label">(empty)</property>
<property name="wrap">True</property>
</object>
<packing>
@@ -137,9 +151,27 @@
<property name="position">2</property>
</packing>
</child>
+ <child>
+ <object class="GtkLabel" id="label2">
+ <property name="visible">True</property>
+ <property name="can_focus">False</property>
+ <property name="valign">end</property>
+ <property name="xalign">0</property>
+ <property name="label" translatable="yes">Selecting "Don't Trust This Host" will cause Geary
to exit.</property>
+ <attributes>
+ <attribute name="weight" value="bold"/>
+ </attributes>
+ </object>
+ <packing>
+ <property name="expand">False</property>
+ <property name="fill">True</property>
+ <property name="pack_type">end</property>
+ <property name="position">3</property>
+ </packing>
+ </child>
</object>
<packing>
- <property name="expand">False</property>
+ <property name="expand">True</property>
<property name="fill">True</property>
<property name="position">1</property>
</packing>
@@ -149,6 +181,7 @@
<action-widgets>
<action-widget response="0">dont_trust_button</action-widget>
<action-widget response="1">trust_button</action-widget>
+ <action-widget response="2">always_trust_button</action-widget>
</action-widgets>
</object>
</interface>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
