diff options
Diffstat (limited to 'Swift/Controllers')
-rw-r--r-- | Swift/Controllers/MainController.cpp | 48 | ||||
-rw-r--r-- | Swift/Controllers/UIInterfaces/LoginWindow.h | 12 |
2 files changed, 34 insertions, 26 deletions
diff --git a/Swift/Controllers/MainController.cpp b/Swift/Controllers/MainController.cpp index f4fdff6..74e381a 100644 --- a/Swift/Controllers/MainController.cpp +++ b/Swift/Controllers/MainController.cpp @@ -409,6 +409,7 @@ void MainController::handleDisconnected(const boost::optional<ClientError>& erro } else if (error) { String message; + String certificateErrorMessage; switch(error->getType()) { case ClientError::UnknownError: message = "Unknown Error"; break; case ClientError::DomainNameResolveError: message = "Unable to find server"; break; @@ -428,26 +429,35 @@ void MainController::handleDisconnected(const boost::optional<ClientError>& erro case ClientError::ClientCertificateLoadError: message = "Error loading certificate (Invalid password?)"; break; case ClientError::ClientCertificateError: message = "Certificate not authorized"; break; - case ClientError::UnknownCertificateError: - case ClientError::CertificateExpiredError: - case ClientError::CertificateNotYetValidError: - case ClientError::CertificateSelfSignedError: - case ClientError::CertificateRejectedError: - case ClientError::CertificateUntrustedError: - case ClientError::InvalidCertificatePurposeError: - case ClientError::CertificatePathLengthExceededError: - case ClientError::InvalidCertificateSignatureError: - case ClientError::InvalidCAError: - case ClientError::InvalidServerIdentityError: - // FIXME: Popup a dialog - message = "Certificate error (" + boost::lexical_cast<std::string>(error->getType()) + ")"; - if (loginWindow_->askUserToTrustCertificatePermanently(message)) { - // FIXME: Only do this if the user accepts the certificate - certificateStorage_->addCertificate(certificateTrustChecker_->getLastCertificate()); - } - break; + case ClientError::UnknownCertificateError: certificateErrorMessage = "Unknown certificate"; break; + case ClientError::CertificateExpiredError: certificateErrorMessage = "Certificate has expired"; break; + case ClientError::CertificateNotYetValidError: certificateErrorMessage = "Certificate is not yet valid"; break; + case ClientError::CertificateSelfSignedError: certificateErrorMessage = "Certificate is self-signed"; break; + case ClientError::CertificateRejectedError: certificateErrorMessage = "Certificate has been rejected"; break; + case ClientError::CertificateUntrustedError: certificateErrorMessage = "Certificate is not trusted"; break; + case ClientError::InvalidCertificatePurposeError: certificateErrorMessage = "Certificate cannot be used for encryptig your connection"; break; + case ClientError::CertificatePathLengthExceededError: certificateErrorMessage = "Certificate path length constraint exceeded"; break; + case ClientError::InvalidCertificateSignatureError: certificateErrorMessage = "Invalid certificate signature"; break; + case ClientError::InvalidCAError: certificateErrorMessage = "Invalid Certificate Authority"; break; + case ClientError::InvalidServerIdentityError: certificateErrorMessage = "Certificate does not match the host identity"; break; + + } + bool forceReconnectAfterCertificateTrust = false; + if (!certificateErrorMessage.isEmpty()) { + Certificate::ref certificate = certificateTrustChecker_->getLastCertificate(); + if (loginWindow_->askUserToTrustCertificatePermanently(certificateErrorMessage, certificate)) { + certificateStorage_->addCertificate(certificate); + forceReconnectAfterCertificateTrust = true; + } + else { + message = "Certificate error"; + } + } + + if (forceReconnectAfterCertificateTrust) { + performLoginFromCachedCredentials(); } - if (!rosterController_) { //hasn't been logged in yet + else if (!rosterController_) { //hasn't been logged in yet signOut(); loginWindow_->setMessage(message); } else { diff --git a/Swift/Controllers/UIInterfaces/LoginWindow.h b/Swift/Controllers/UIInterfaces/LoginWindow.h index e9ea92f..a25cdb9 100644 --- a/Swift/Controllers/UIInterfaces/LoginWindow.h +++ b/Swift/Controllers/UIInterfaces/LoginWindow.h @@ -4,14 +4,14 @@ * See Documentation/Licenses/GPLv3.txt for more information. */ -#ifndef SWIFTEN_LoginWindow_H -#define SWIFTEN_LoginWindow_H - -#include "Swiften/Base/String.h" +#pragma once #include "Swiften/Base/boost_bsignals.h" #include <boost/shared_ptr.hpp> +#include <Swiften/Base/String.h> +#include <Swiften/TLS/Certificate.h> + namespace Swift { class MainWindow; class LoginWindow { @@ -27,11 +27,9 @@ namespace Swift { virtual void setLoginAutomatically(bool loginAutomatically) = 0; virtual void quit() = 0; /** Blocking request whether a cert should be permanently trusted.*/ - virtual bool askUserToTrustCertificatePermanently(const String& message) = 0; + virtual bool askUserToTrustCertificatePermanently(const String& message, Certificate::ref) = 0; boost::signal<void ()> onCancelLoginRequest; boost::signal<void ()> onQuitRequest; }; } -#endif - |