[evolution-data-server] I#86 - Rejecting connection certificate causes constant connection retries
- From: Milan Crha <mcrha src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [evolution-data-server] I#86 - Rejecting connection certificate causes constant connection retries
- Date: Mon, 18 Feb 2019 18:03:28 +0000 (UTC)
commit eeef8c7b992b5fb0a8ec883d487f6b173cba312d
Author: Milan Crha <mcrha redhat com>
Date: Mon Feb 18 19:02:38 2019 +0100
I#86 - Rejecting connection certificate causes constant connection retries
Closes https://gitlab.gnome.org/GNOME/evolution-data-server/issues/86
src/calendar/libedata-cal/e-cal-meta-backend.c | 5 +-
src/libebackend/e-backend.c | 5 +-
src/libedataserver/e-source-webdav.c | 50 +++++++++++++++++
src/libedataserver/e-source-webdav.h | 6 ++
src/libedataserverui/e-trust-prompt.c | 78 +++++++++++++-------------
5 files changed, 102 insertions(+), 42 deletions(-)
---
diff --git a/src/calendar/libedata-cal/e-cal-meta-backend.c b/src/calendar/libedata-cal/e-cal-meta-backend.c
index fbad412d8..fbd1e62d5 100644
--- a/src/calendar/libedata-cal/e-cal-meta-backend.c
+++ b/src/calendar/libedata-cal/e-cal-meta-backend.c
@@ -2903,7 +2903,10 @@ ecmb_authenticate_sync (EBackend *backend,
if (auth_result == E_SOURCE_AUTHENTICATION_UNKNOWN)
auth_result = E_SOURCE_AUTHENTICATION_ERROR;
- e_source_set_connection_status (e_backend_get_source (backend),
E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
+ e_source_set_connection_status (e_backend_get_source (backend),
+ auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ?
+ E_SOURCE_CONNECTION_STATUS_SSL_FAILED :
+ E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
}
g_mutex_unlock (&meta_backend->priv->connect_lock);
diff --git a/src/libebackend/e-backend.c b/src/libebackend/e-backend.c
index 40d94a5bf..9b6e8c7d4 100644
--- a/src/libebackend/e-backend.c
+++ b/src/libebackend/e-backend.c
@@ -446,7 +446,10 @@ backend_source_authenticate_thread (gpointer user_data)
} else {
GError *local_error2 = NULL;
- e_source_set_connection_status (source, E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
+ e_source_set_connection_status (source,
+ auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ?
+ E_SOURCE_CONNECTION_STATUS_SSL_FAILED :
+ E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
if (!e_source_invoke_credentials_required_sync (source, reason, certificate_pem,
certificate_errors,
local_error, thread_data->cancellable, &local_error2)) {
diff --git a/src/libedataserver/e-source-webdav.c b/src/libedataserver/e-source-webdav.c
index 7f98e1756..dfc679add 100644
--- a/src/libedataserver/e-source-webdav.c
+++ b/src/libedataserver/e-source-webdav.c
@@ -1533,3 +1533,53 @@ e_source_webdav_unset_temporary_ssl_trust (ESourceWebdav *extension)
response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY)
e_source_webdav_set_ssl_trust (extension, NULL);
}
+
+/**
+ * e_source_webdav_get_ssl_trust_response:
+ * @extension: an #ESourceWebdav
+ *
+ * Returns: the last SSL trust response, as #ETrustPromptResponse, if none
+ * is set, then returns %E_TRUST_PROMPT_RESPONSE_UNKNOWN
+ *
+ * Since: 3.32
+ **/
+ETrustPromptResponse
+e_source_webdav_get_ssl_trust_response (ESourceWebdav *extension)
+{
+ ETrustPromptResponse response = E_TRUST_PROMPT_RESPONSE_UNKNOWN;
+
+ g_return_val_if_fail (E_IS_SOURCE_WEBDAV (extension), E_TRUST_PROMPT_RESPONSE_UNKNOWN);
+
+ if (!decode_ssl_trust (extension, &response, NULL, NULL))
+ response = E_TRUST_PROMPT_RESPONSE_UNKNOWN;
+
+ return response;
+}
+
+/**
+ * e_source_webdav_set_ssl_trust_response:
+ * @extension: an #ESourceWebdav
+ * @response: an #ETrustPromptResponse to set
+ *
+ * Set the SSL trust response, as #ETrustPromptResponse, while keeping
+ * the certificate and host information as before. The function does
+ * nothing, when none SSL trust is set or when %E_TRUST_PROMPT_RESPONSE_UNKNOWN
+ * is used as the @response.
+ *
+ * Since: 3.32
+ **/
+void
+e_source_webdav_set_ssl_trust_response (ESourceWebdav *extension,
+ ETrustPromptResponse response)
+{
+ gchar *host = NULL, *hash = NULL;
+
+ g_return_if_fail (E_IS_SOURCE_WEBDAV (extension));
+
+ if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN &&
+ decode_ssl_trust (extension, NULL, &host, &hash))
+ encode_ssl_trust (extension, response, host, hash);
+
+ g_free (host);
+ g_free (hash);
+}
diff --git a/src/libedataserver/e-source-webdav.h b/src/libedataserver/e-source-webdav.h
index 1a9173361..f1c8da856 100644
--- a/src/libedataserver/e-source-webdav.h
+++ b/src/libedataserver/e-source-webdav.h
@@ -147,6 +147,12 @@ ETrustPromptResponse
GTlsCertificateFlags cert_errors);
void e_source_webdav_unset_temporary_ssl_trust
(ESourceWebdav *extension);
+ETrustPromptResponse
+ e_source_webdav_get_ssl_trust_response
+ (ESourceWebdav *extension);
+void e_source_webdav_set_ssl_trust_response
+ (ESourceWebdav *extension,
+ ETrustPromptResponse response);
G_END_DECLS
diff --git a/src/libedataserverui/e-trust-prompt.c b/src/libedataserverui/e-trust-prompt.c
index 50d7634ee..71c217427 100644
--- a/src/libedataserverui/e-trust-prompt.c
+++ b/src/libedataserverui/e-trust-prompt.c
@@ -604,57 +604,55 @@ e_trust_prompt_run_for_source (GtkWindow *parent,
certificate = g_tls_certificate_new_from_pem (certificate_pem, -1, &save_data->error);
if (certificate) {
+ const gchar *source_extension = NULL;
+
if (extension_webdav && host)
save_data->response = e_source_webdav_verify_ssl_trust (extension_webdav, host,
certificate, 0);
else
save_data->response = E_TRUST_PROMPT_RESPONSE_REJECT_TEMPORARILY;
- if (save_data->response != E_TRUST_PROMPT_RESPONSE_REJECT) {
- const gchar *source_extension = NULL;
-
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK))
- source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK;
-
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) {
- if (!source_extension)
- source_extension = E_SOURCE_EXTENSION_CALENDAR;
- else
- source_extension = E_SOURCE_EXTENSION_COLLECTION;
- }
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK))
+ source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK;
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) {
- if (!source_extension)
- source_extension = E_SOURCE_EXTENSION_MEMO_LIST;
- else
- source_extension = E_SOURCE_EXTENSION_COLLECTION;
- }
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) {
+ if (!source_extension)
+ source_extension = E_SOURCE_EXTENSION_CALENDAR;
+ else
+ source_extension = E_SOURCE_EXTENSION_COLLECTION;
+ }
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) {
- if (!source_extension)
- source_extension = E_SOURCE_EXTENSION_TASK_LIST;
- else
- source_extension = E_SOURCE_EXTENSION_COLLECTION;
- }
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) {
+ if (!source_extension)
+ source_extension = E_SOURCE_EXTENSION_MEMO_LIST;
+ else
+ source_extension = E_SOURCE_EXTENSION_COLLECTION;
+ }
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) {
- if (!source_extension)
- source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT;
- else
- source_extension = E_SOURCE_EXTENSION_COLLECTION;
- }
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) {
+ if (!source_extension)
+ source_extension = E_SOURCE_EXTENSION_TASK_LIST;
+ else
+ source_extension = E_SOURCE_EXTENSION_COLLECTION;
+ }
- if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) {
- if (!source_extension)
- source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT;
- else
- source_extension = E_SOURCE_EXTENSION_COLLECTION;
- }
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) {
+ if (!source_extension)
+ source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT;
+ else
+ source_extension = E_SOURCE_EXTENSION_COLLECTION;
+ }
- save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent,
- source_extension, e_source_get_display_name (source), host,
- certificate_pem, certificate_errors, error_text,
- trust_prompt_listen_for_source_changes_cb, source);
+ if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) {
+ if (!source_extension)
+ source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT;
+ else
+ source_extension = E_SOURCE_EXTENSION_COLLECTION;
}
+
+ save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent,
+ source_extension, e_source_get_display_name (source), host,
+ certificate_pem, certificate_errors, error_text,
+ trust_prompt_listen_for_source_changes_cb, source);
}
g_signal_handlers_disconnect_matched (source, G_SIGNAL_MATCH_FUNC, 0, 0, NULL,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]