From c8603ee2ea4dfe9b881367198dbd259986345412 Mon Sep 17 00:00:00 2001
From: Kevin Smith <git@kismith.co.uk>
Date: Mon, 13 Dec 2010 15:49:19 +0000
Subject: Initial cert confirmation


diff --git a/Swift/Controllers/MainController.cpp b/Swift/Controllers/MainController.cpp
index f215dc6..f4fdff6 100644
--- a/Swift/Controllers/MainController.cpp
+++ b/Swift/Controllers/MainController.cpp
@@ -365,7 +365,7 @@ void MainController::performLoginFromCachedCredentials() {
 		client_ = new Swift::Client(eventLoop_, &networkFactories_, jid_, password_, storages_);
 		client_->setCertificateTrustChecker(certificateTrustChecker_);
 		// FIXME: Remove this line to activate the trust checker
-		client_->setAlwaysTrustCertificates();
+		//client_->setAlwaysTrustCertificates();
 		client_->onDataRead.connect(boost::bind(&XMLConsoleController::handleDataRead, xmlConsoleController_, _1));
 		client_->onDataWritten.connect(boost::bind(&XMLConsoleController::handleDataWritten, xmlConsoleController_, _1));
 		client_->onDisconnected.connect(boost::bind(&MainController::handleDisconnected, this, _1));
@@ -441,8 +441,10 @@ void MainController::handleDisconnected(const boost::optional<ClientError>& erro
 			case ClientError::InvalidServerIdentityError:
 				// FIXME: Popup a dialog
 				message = "Certificate error (" + boost::lexical_cast<std::string>(error->getType()) + ")";
-				// FIXME: Only do this if the user accepts the certificate
-				//certificateStorage_->addCertificate(certificateTrustChecker_->getLastCertificate());
+				if (loginWindow_->askUserToTrustCertificatePermanently(message)) {
+					// FIXME: Only do this if the user accepts the certificate
+					certificateStorage_->addCertificate(certificateTrustChecker_->getLastCertificate());
+				}
 				break;
 		}
 		if (!rosterController_) { //hasn't been logged in yet
diff --git a/Swift/Controllers/UIInterfaces/LoginWindow.h b/Swift/Controllers/UIInterfaces/LoginWindow.h
index 54d8099..e9ea92f 100644
--- a/Swift/Controllers/UIInterfaces/LoginWindow.h
+++ b/Swift/Controllers/UIInterfaces/LoginWindow.h
@@ -26,6 +26,8 @@ namespace Swift {
 			boost::signal<void (const String&, const String&, const String& /* certificateFile */, bool /* remember password*/, bool /* login automatically */)> onLoginRequest;
 			virtual void setLoginAutomatically(bool loginAutomatically) = 0;
 			virtual void quit() = 0;
+			/** Blocking request whether a cert should be permanently trusted.*/
+			virtual bool askUserToTrustCertificatePermanently(const String& message) = 0;
 
 			boost::signal<void ()> onCancelLoginRequest;
 			boost::signal<void ()> onQuitRequest;
diff --git a/Swift/QtUI/QtLoginWindow.cpp b/Swift/QtUI/QtLoginWindow.cpp
index 72c68b5..42641ba 100644
--- a/Swift/QtUI/QtLoginWindow.cpp
+++ b/Swift/QtUI/QtLoginWindow.cpp
@@ -22,6 +22,7 @@
 #include <QHBoxLayout>
 #include <qdebug.h>
 #include <QCloseEvent>
+#include <QMessageBox>
 
 #include "Swift/Controllers/UIEvents/UIEventStream.h"
 #include "Swift/Controllers/UIEvents/RequestXMLConsoleUIEvent.h"
@@ -390,4 +391,13 @@ void QtLoginWindow::moveEvent(QMoveEvent*) {
 	emit geometryChanged();	
 }
 
+bool QtLoginWindow::askUserToTrustCertificatePermanently(const String& message) {
+	QMessageBox dialog(this);
+	dialog.setText("Invalid server certificate.");
+	dialog.setInformativeText("The certificate presented by the server is not valid. " + P2QSTRING(message) + " Would you like to permanently trust this certificate? This must only be done if you know it is correct.");
+	dialog.setStandardButtons(QMessageBox::Yes | QMessageBox::No);
+	dialog.setDefaultButton(QMessageBox::No);
+	return dialog.exec() == QMessageBox::Yes;
+}
+
 }
diff --git a/Swift/QtUI/QtLoginWindow.h b/Swift/QtUI/QtLoginWindow.h
index e87c5f1..3978d73 100644
--- a/Swift/QtUI/QtLoginWindow.h
+++ b/Swift/QtUI/QtLoginWindow.h
@@ -39,6 +39,7 @@ namespace Swift {
 			static QRect defaultPosition();
 			void setGentleGeometry(const QRect&);
 			void selectUser(const String& user);
+			bool askUserToTrustCertificatePermanently(const String& message);
 
 			virtual void quit();
 
-- 
cgit v0.10.2-6-g49f6