[evolution-data-server] I#86 - Rejecting connection certificate causes constant connection retries



commit eeef8c7b992b5fb0a8ec883d487f6b173cba312d
Author: Milan Crha <mcrha redhat com>
Date:   Mon Feb 18 19:02:38 2019 +0100

    I#86 - Rejecting connection certificate causes constant connection retries
    
    Closes https://gitlab.gnome.org/GNOME/evolution-data-server/issues/86

 src/calendar/libedata-cal/e-cal-meta-backend.c |  5 +-
 src/libebackend/e-backend.c                    |  5 +-
 src/libedataserver/e-source-webdav.c           | 50 +++++++++++++++++
 src/libedataserver/e-source-webdav.h           |  6 ++
 src/libedataserverui/e-trust-prompt.c          | 78 +++++++++++++-------------
 5 files changed, 102 insertions(+), 42 deletions(-)
---
diff --git a/src/calendar/libedata-cal/e-cal-meta-backend.c b/src/calendar/libedata-cal/e-cal-meta-backend.c
index fbad412d8..fbd1e62d5 100644
--- a/src/calendar/libedata-cal/e-cal-meta-backend.c
+++ b/src/calendar/libedata-cal/e-cal-meta-backend.c
@@ -2903,7 +2903,10 @@ ecmb_authenticate_sync (EBackend *backend,
                if (auth_result == E_SOURCE_AUTHENTICATION_UNKNOWN)
                        auth_result = E_SOURCE_AUTHENTICATION_ERROR;
 
-               e_source_set_connection_status (e_backend_get_source (backend), 
E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
+               e_source_set_connection_status (e_backend_get_source (backend),
+                       auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ?
+                       E_SOURCE_CONNECTION_STATUS_SSL_FAILED :
+                       E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
        }
        g_mutex_unlock (&meta_backend->priv->connect_lock);
 
diff --git a/src/libebackend/e-backend.c b/src/libebackend/e-backend.c
index 40d94a5bf..9b6e8c7d4 100644
--- a/src/libebackend/e-backend.c
+++ b/src/libebackend/e-backend.c
@@ -446,7 +446,10 @@ backend_source_authenticate_thread (gpointer user_data)
                } else {
                        GError *local_error2 = NULL;
 
-                       e_source_set_connection_status (source, E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
+                       e_source_set_connection_status (source,
+                               auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ?
+                               E_SOURCE_CONNECTION_STATUS_SSL_FAILED :
+                               E_SOURCE_CONNECTION_STATUS_DISCONNECTED);
 
                        if (!e_source_invoke_credentials_required_sync (source, reason, certificate_pem, 
certificate_errors,
                                local_error, thread_data->cancellable, &local_error2)) {
diff --git a/src/libedataserver/e-source-webdav.c b/src/libedataserver/e-source-webdav.c
index 7f98e1756..dfc679add 100644
--- a/src/libedataserver/e-source-webdav.c
+++ b/src/libedataserver/e-source-webdav.c
@@ -1533,3 +1533,53 @@ e_source_webdav_unset_temporary_ssl_trust (ESourceWebdav *extension)
            response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY)
                e_source_webdav_set_ssl_trust (extension, NULL);
 }
+
+/**
+ * e_source_webdav_get_ssl_trust_response:
+ * @extension: an #ESourceWebdav
+ *
+ * Returns: the last SSL trust response, as #ETrustPromptResponse, if none
+ *    is set, then returns %E_TRUST_PROMPT_RESPONSE_UNKNOWN
+ *
+ * Since: 3.32
+ **/
+ETrustPromptResponse
+e_source_webdav_get_ssl_trust_response (ESourceWebdav *extension)
+{
+       ETrustPromptResponse response = E_TRUST_PROMPT_RESPONSE_UNKNOWN;
+
+       g_return_val_if_fail (E_IS_SOURCE_WEBDAV (extension), E_TRUST_PROMPT_RESPONSE_UNKNOWN);
+
+       if (!decode_ssl_trust (extension, &response, NULL, NULL))
+               response = E_TRUST_PROMPT_RESPONSE_UNKNOWN;
+
+       return response;
+}
+
+/**
+ * e_source_webdav_set_ssl_trust_response:
+ * @extension: an #ESourceWebdav
+ * @response: an #ETrustPromptResponse to set
+ *
+ * Set the SSL trust response, as #ETrustPromptResponse, while keeping
+ * the certificate and host information as before. The function does
+ * nothing, when none SSL trust is set or when %E_TRUST_PROMPT_RESPONSE_UNKNOWN
+ * is used as the @response.
+ *
+ * Since: 3.32
+ **/
+void
+e_source_webdav_set_ssl_trust_response (ESourceWebdav *extension,
+                                       ETrustPromptResponse response)
+{
+       gchar *host = NULL, *hash = NULL;
+
+       g_return_if_fail (E_IS_SOURCE_WEBDAV (extension));
+
+       if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN &&
+           decode_ssl_trust (extension, NULL, &host, &hash))
+               encode_ssl_trust (extension, response, host, hash);
+
+       g_free (host);
+       g_free (hash);
+}
diff --git a/src/libedataserver/e-source-webdav.h b/src/libedataserver/e-source-webdav.h
index 1a9173361..f1c8da856 100644
--- a/src/libedataserver/e-source-webdav.h
+++ b/src/libedataserver/e-source-webdav.h
@@ -147,6 +147,12 @@ ETrustPromptResponse
                                                 GTlsCertificateFlags cert_errors);
 void           e_source_webdav_unset_temporary_ssl_trust
                                                (ESourceWebdav *extension);
+ETrustPromptResponse
+               e_source_webdav_get_ssl_trust_response
+                                               (ESourceWebdav *extension);
+void           e_source_webdav_set_ssl_trust_response
+                                               (ESourceWebdav *extension,
+                                                ETrustPromptResponse response);
 
 G_END_DECLS
 
diff --git a/src/libedataserverui/e-trust-prompt.c b/src/libedataserverui/e-trust-prompt.c
index 50d7634ee..71c217427 100644
--- a/src/libedataserverui/e-trust-prompt.c
+++ b/src/libedataserverui/e-trust-prompt.c
@@ -604,57 +604,55 @@ e_trust_prompt_run_for_source (GtkWindow *parent,
 
        certificate = g_tls_certificate_new_from_pem (certificate_pem, -1, &save_data->error);
        if (certificate) {
+               const gchar *source_extension = NULL;
+
                if (extension_webdav && host)
                        save_data->response = e_source_webdav_verify_ssl_trust (extension_webdav, host, 
certificate, 0);
                else
                        save_data->response = E_TRUST_PROMPT_RESPONSE_REJECT_TEMPORARILY;
 
-               if (save_data->response != E_TRUST_PROMPT_RESPONSE_REJECT) {
-                       const gchar *source_extension = NULL;
-
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK))
-                               source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK;
-
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) {
-                               if (!source_extension)
-                                       source_extension = E_SOURCE_EXTENSION_CALENDAR;
-                               else
-                                       source_extension = E_SOURCE_EXTENSION_COLLECTION;
-                       }
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK))
+                       source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK;
 
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) {
-                               if (!source_extension)
-                                       source_extension = E_SOURCE_EXTENSION_MEMO_LIST;
-                               else
-                                       source_extension = E_SOURCE_EXTENSION_COLLECTION;
-                       }
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) {
+                       if (!source_extension)
+                               source_extension = E_SOURCE_EXTENSION_CALENDAR;
+                       else
+                               source_extension = E_SOURCE_EXTENSION_COLLECTION;
+               }
 
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) {
-                               if (!source_extension)
-                                       source_extension = E_SOURCE_EXTENSION_TASK_LIST;
-                               else
-                                       source_extension = E_SOURCE_EXTENSION_COLLECTION;
-                       }
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) {
+                       if (!source_extension)
+                               source_extension = E_SOURCE_EXTENSION_MEMO_LIST;
+                       else
+                               source_extension = E_SOURCE_EXTENSION_COLLECTION;
+               }
 
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) {
-                               if (!source_extension)
-                                       source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT;
-                               else
-                                       source_extension = E_SOURCE_EXTENSION_COLLECTION;
-                       }
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) {
+                       if (!source_extension)
+                               source_extension = E_SOURCE_EXTENSION_TASK_LIST;
+                       else
+                               source_extension = E_SOURCE_EXTENSION_COLLECTION;
+               }
 
-                       if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) {
-                               if (!source_extension)
-                                       source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT;
-                               else
-                                       source_extension = E_SOURCE_EXTENSION_COLLECTION;
-                       }
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) {
+                       if (!source_extension)
+                               source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT;
+                       else
+                               source_extension = E_SOURCE_EXTENSION_COLLECTION;
+               }
 
-                       save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent,
-                               source_extension, e_source_get_display_name (source), host,
-                               certificate_pem, certificate_errors, error_text,
-                               trust_prompt_listen_for_source_changes_cb, source);
+               if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) {
+                       if (!source_extension)
+                               source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT;
+                       else
+                               source_extension = E_SOURCE_EXTENSION_COLLECTION;
                }
+
+               save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent,
+                       source_extension, e_source_get_display_name (source), host,
+                       certificate_pem, certificate_errors, error_text,
+                       trust_prompt_listen_for_source_changes_cb, source);
        }
 
        g_signal_handlers_disconnect_matched (source, G_SIGNAL_MATCH_FUNC, 0, 0, NULL,


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]