[geary/wip/20-cert-pinning: 23/32] Tidy up all of the various untrusted_host signals
- From: Michael Gratton <mjog src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [geary/wip/20-cert-pinning: 23/32] Tidy up all of the various untrusted_host signals
- Date: Tue, 8 Jan 2019 13:01:31 +0000 (UTC)
commit d61552957f2835b8b42662343a2cdf76f2ecfd2b
Author: Michael Gratton <mike vee net>
Date: Thu Dec 27 16:56:11 2018 +1100
Tidy up all of the various untrusted_host signals
Remove it from Geary.Engine, since it just adds complexity without
making API client use any easier. Replace the TLS negotiate method on
the remaining versions of the signal with the Endpoint, since it's handy
to have and the negotiation method can be obtained from that if needed.
src/client/application/geary-controller.vala | 20 +++++++++++---------
src/engine/api/geary-account-information.vala | 10 ++++++++--
src/engine/api/geary-client-service.vala | 4 ++--
src/engine/api/geary-endpoint.vala | 21 +++++++++++++--------
src/engine/api/geary-engine.vala | 23 -----------------------
5 files changed, 34 insertions(+), 44 deletions(-)
---
diff --git a/src/client/application/geary-controller.vala b/src/client/application/geary-controller.vala
index d726eafd..70a72c82 100644
--- a/src/client/application/geary-controller.vala
+++ b/src/client/application/geary-controller.vala
@@ -289,7 +289,6 @@ public class GearyController : Geary.BaseObject {
enable_message_buttons(false);
engine.account_available.connect(on_account_available);
- engine.untrusted_host.connect(on_untrusted_host);
// Connect to various UI signals.
main_window.conversation_list_view.conversations_selected.connect(on_conversations_selected);
@@ -404,7 +403,6 @@ public class GearyController : Geary.BaseObject {
this.open_cancellable = null;
Geary.Engine.instance.account_available.disconnect(on_account_available);
- Geary.Engine.instance.untrusted_host.disconnect(on_untrusted_host);
// Release folder and conversations in the main window
on_conversations_selected(new Gee.HashSet<Geary.App.Conversation>());
@@ -638,6 +636,7 @@ public class GearyController : Geary.BaseObject {
account.information.authentication_failure.connect(
on_authentication_failure
);
+ account.information.untrusted_host.connect(on_untrusted_host);
account.notify["current-status"].connect(
on_account_status_notify
);
@@ -674,6 +673,7 @@ public class GearyController : Geary.BaseObject {
account.information.authentication_failure.disconnect(
on_authentication_failure
);
+ account.information.untrusted_host.disconnect(on_untrusted_host);
account.notify["current-status"].disconnect(
on_account_status_notify
);
@@ -682,13 +682,6 @@ public class GearyController : Geary.BaseObject {
}
}
- private void on_untrusted_host(Geary.AccountInformation account,
- Geary.ServiceInformation service,
- Geary.TlsNegotiationMethod method,
- TlsConnection cx) {
- this.prompt_untrusted_host_async.begin(account, service, method, cx);
- }
-
private async void
prompt_untrusted_host_async(Geary.AccountInformation account,
Geary.ServiceInformation service,
@@ -3061,6 +3054,15 @@ public class GearyController : Geary.BaseObject {
}
}
+ private void on_untrusted_host(Geary.AccountInformation account,
+ Geary.ServiceInformation service,
+ Geary.Endpoint endpoint,
+ TlsConnection cx) {
+ this.prompt_untrusted_host_async.begin(
+ account, service, endpoint.tls_method, cx
+ );
+ }
+
private void on_retry_service_problem(Geary.ClientService.Status type) {
bool auth_restarted = false;
foreach (AccountContext context in this.accounts.values) {
diff --git a/src/engine/api/geary-account-information.vala b/src/engine/api/geary-account-information.vala
index c4d2df2e..7e9d443c 100644
--- a/src/engine/api/geary-account-information.vala
+++ b/src/engine/api/geary-account-information.vala
@@ -221,16 +221,22 @@ public class Geary.AccountInformation : BaseObject {
public signal void authentication_failure(ServiceInformation service);
/**
- * Emitted when a service has reported TLS certificate warnings.
+ * Emitted when an endpoint has reported TLS certificate warnings.
+ *
+ * This signal is emitted when either of the incoming or outgoing
+ * endpoints emit the signal with the same name. It may be more
+ * convenient for clients to connect to this instead.
*
* No further connection attempts will be made after this signal
* has been fired until the associated {@link ClientService} has
* been restarted. It is up to the client to prompt the user to
* take action about the certificate (e.g. decide to pin it) then
* restart the service.
+ *
+ * @see Endpoint.untrusted_host
*/
public signal void untrusted_host(ServiceInformation service,
- TlsNegotiationMethod method,
+ Endpoint endpoint,
GLib.TlsConnection cx);
/** Emitted when the account settings have changed. */
diff --git a/src/engine/api/geary-client-service.vala b/src/engine/api/geary-client-service.vala
index 982b1855..afd4d298 100644
--- a/src/engine/api/geary-client-service.vala
+++ b/src/engine/api/geary-client-service.vala
@@ -434,14 +434,14 @@ public abstract class Geary.ClientService : BaseObject {
}
}
- private void on_untrusted_host(Geary.TlsNegotiationMethod method,
+ private void on_untrusted_host(Endpoint remote,
GLib.TlsConnection cx) {
if (this.is_running) {
this.current_status = TLS_VALIDATION_FAILED;
this.became_reachable_timer.reset();
this.became_unreachable_timer.reset();
became_unreachable();
- this.account.untrusted_host(this.configuration, method, cx);
+ this.account.untrusted_host(this.configuration, remote, cx);
}
}
diff --git a/src/engine/api/geary-endpoint.vala b/src/engine/api/geary-endpoint.vala
index b1174c6c..a19bd2d7 100644
--- a/src/engine/api/geary-endpoint.vala
+++ b/src/engine/api/geary-endpoint.vala
@@ -130,18 +130,23 @@ public class Geary.Endpoint : BaseObject {
private SocketClient? socket_client = null;
+
/**
- * Fired when TLS certificate warnings are detected and the caller has not marked this
- * {@link Endpoint} as trusted via {@link trust_untrusted_host}.
+ * Emitted when unexpected TLS certificate warnings are detected.
+ *
+ * This occurs when a connection receives a TLS certificate
+ * warning and the caller has not marked this endpoint as trusted
+ * via {@link trust_untrusted_host}.
*
- * The connection will be closed when this is fired. The caller should query the user about
- * how to deal with the situation. If user wants to proceed, set {@link trust_untrusted_host}
- * to {@link Trillian.TRUE} and retry connection.
+ * The connection will be closed when this is fired. The caller
+ * should query the user about how to deal with the situation. If
+ * user wants to proceed, set {@link trust_untrusted_host} to
+ * {@link Trillian.TRUE} and retry connection.
*
+ * @see AccountInformation.untrusted_host
* @see tls_validation_warnings
*/
- public signal void untrusted_host(TlsNegotiationMethod method,
- GLib.TlsConnection cx);
+ public signal void untrusted_host(GLib.TlsConnection cx);
public Endpoint(GLib.SocketConnectable remote,
@@ -219,7 +224,7 @@ public class Geary.Endpoint : BaseObject {
return true;
// signal an issue has been detected and return false to deny the connection
- untrusted_host(this.tls_method, cx);
+ untrusted_host(cx);
return false;
}
diff --git a/src/engine/api/geary-engine.vala b/src/engine/api/geary-engine.vala
index 04f469b4..8d37ce7e 100644
--- a/src/engine/api/geary-engine.vala
+++ b/src/engine/api/geary-engine.vala
@@ -108,19 +108,6 @@ public class Geary.Engine : BaseObject {
*/
public signal void account_unavailable(AccountInformation account);
- /**
- * Emitted when a service has reported TLS certificate warnings.
- *
- * This may be fired during normal operation or while validating
- * the account information, in which case there is no {@link
- * Account} associated with it.
- *
- * @see AccountInformation.untrusted_host
- */
- public signal void untrusted_host(AccountInformation account,
- ServiceInformation service,
- TlsNegotiationMethod method,
- GLib.TlsConnection cx);
// Public so it can be tested
public Engine() {
@@ -390,7 +377,6 @@ public class Geary.Engine : BaseObject {
}
accounts.set(account.id, account);
- account.untrusted_host.connect(on_untrusted_host);
account_available(account);
}
@@ -410,8 +396,6 @@ public class Geary.Engine : BaseObject {
}
if (this.accounts.has_key(account.id)) {
- account.untrusted_host.disconnect(on_untrusted_host);
-
// Send the account-unavailable signal, account will be
// removed client side.
account_unavailable(account);
@@ -506,11 +490,4 @@ public class Geary.Engine : BaseObject {
return shared;
}
-
- private void on_untrusted_host(AccountInformation account,
- ServiceInformation service,
- TlsNegotiationMethod method,
- GLib.TlsConnection cx) {
- untrusted_host(account, service, method, cx);
- }
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]