2 * module-trust-prompt.c
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU Lesser General Public
6 * License as published by the Free Software Foundation; either
7 * version 2 of the License, or (at your option) version 3.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * Lesser General Public License for more details.
14 * You should have received a copy of the GNU Lesser General Public
15 * License along with the program; if not, see <http://www.gnu.org/licenses/>
21 #endif /* HAVE_CONFIG_H */
23 #include <glib/gi18n-lib.h>
25 #include <libebackend/libebackend.h>
26 #include "trust-prompt.h"
/* Standard GObject macros */
#define E_TYPE_TRUST_PROMPT \
	(e_trust_prompt_get_type ())
#define E_TRUST_PROMPT(obj) \
	(G_TYPE_CHECK_INSTANCE_CAST \
	((obj), E_TYPE_TRUST_PROMPT, ETrustPrompt))

typedef struct _ETrustPrompt ETrustPrompt;
typedef struct _ETrustPromptClass ETrustPromptClass;

/* Instance structure: the extension adds no fields beyond its parent. */
struct _ETrustPrompt {
	EUserPrompterServerExtension parent;
};

/* Class structure: the virtual methods are filled in by
 * e_trust_prompt_class_init(). */
struct _ETrustPromptClass {
	EUserPrompterServerExtensionClass parent_class;
};

/* Module Entry Points */
void e_module_load (GTypeModule *type_module);
void e_module_unload (GTypeModule *type_module);

/* Forward Declarations */
GType e_trust_prompt_get_type (void);

/* Dynamic type: registered from e_module_load() through the generated
 * e_trust_prompt_register_type(). */
G_DEFINE_DYNAMIC_TYPE (
	ETrustPrompt,
	e_trust_prompt,
	E_TYPE_USER_PROMPTER_SERVER_EXTENSION)

/* Name under which the trust prompt dialog is registered with the
 * user prompter server and matched in trust_prompt_prompt(). */
#define TRUST_PROMPT_DIALOG "ETrustPrompt::trust-prompt"
57 /* dialog definitions */
59 /* ETrustPrompt::trust-prompt
60 * The dialog expects these parameters:
61 * "host" - host from which the certificate is received
62 * "markup" - markup for the trust prompt, if not set, then "SSL certificate for '<b>host</b>' is not trusted. Do you wish to accept it?" is used
63 * "certificate" - a base64-encoded DER certificate that the user is asked to trust
64 * "certificate-errors" - a hexadecimal integer (as a string) corresponding to GTlsCertificateFlags
66 * Result of the dialog is:
68 * 1 - accept permanently
69 * 2 - accept temporarily
70 * -1 - user didn't choose any of the above
72 * The dialog doesn't provide any additional values in the response.
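/*
 * cert_errors_to_reason:
 * @flags: certificate validation failures to describe
 *
 * Builds the text that explains why a certificate was not trusted: one
 * translated sentence per flag that has an entry in the table below, with
 * a newline between sentences (none before the first or after the last).
 *
 * Bits of @flags without a table entry are skipped, so the result is an
 * empty string when @flags is zero or carries only unlisted bits. The
 * prompt then has no reason to display, which the caller should keep in
 * mind when the flags come from an external request.
 *
 * Returns: a newly allocated string, never NULL; free it with g_free().
 */
static gchar *
cert_errors_to_reason (GTlsCertificateFlags flags)
{
	/* Immutable lookup table, so it is built once rather than on
	 * every call. N_() only marks the strings for extraction; the
	 * translation itself happens with _() in the loop. */
	static const struct {
		GTlsCertificateFlags flag;
		const gchar *description;
	} convert_table[] = {
		{ G_TLS_CERTIFICATE_UNKNOWN_CA,
		  N_("The signing certificate authority is not known.") },
		{ G_TLS_CERTIFICATE_BAD_IDENTITY,
		  N_("The certificate does not match the expected identity of the site that it was retrieved from.") },
		{ G_TLS_CERTIFICATE_NOT_ACTIVATED,
		  N_("The certificate's activation time is still in the future.") },
		{ G_TLS_CERTIFICATE_EXPIRED,
		  N_("The certificate has expired.") },
		{ G_TLS_CERTIFICATE_REVOKED,
		  N_("The certificate has been revoked according to the connection's certificate revocation list.") },
		{ G_TLS_CERTIFICATE_INSECURE,
		  N_("The certificate's algorithm is considered insecure.") }
	};

	GString *reason = g_string_new ("");
	guint ii;

	for (ii = 0; ii < G_N_ELEMENTS (convert_table); ii++) {
		if ((flags & convert_table[ii].flag) == 0)
			continue;

		/* Separator goes between sentences only. */
		if (reason->len > 0)
			g_string_append_c (reason, '\n');

		g_string_append (reason, _(convert_table[ii].description));
	}

	/* FALSE hands the character data over to the caller. */
	return g_string_free (reason, FALSE);
}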
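/*
 * parser_parsed_cb:
 * @parser: the parser that has just recognized an item
 * @out_parsed: location that receives a new reference to that item
 *
 * Parser callback, connected by trust_prompt_show_trust_prompt() with a
 * pointer to its local result variable. The location must hold NULL or a
 * reference owned by the caller: if the parser reports more than one item
 * for the same input, the reference stored earlier is released before it
 * is replaced, so the last item wins and nothing leaks. The caller drops
 * the stored reference with gcr_parsed_unref().
 */
static void
parser_parsed_cb (GcrParser *parser,
                  GcrParsed **out_parsed)
{
	GcrParsed *parsed;

	g_return_if_fail (out_parsed != NULL);

	parsed = gcr_parser_get_parsed (parser);
	g_return_if_fail (parsed != NULL);

	/* A second invocation would otherwise overwrite, and leak, the
	 * reference taken by the first one. */
	if (*out_parsed != NULL)
		gcr_parsed_unref (*out_parsed);

	*out_parsed = gcr_parsed_ref (parsed);
}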
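/*
 * trust_prompt_show_trust_prompt:
 * @extension: the prompter extension handling the request
 * @prompt_id: identifier of the prompt, handed on to trust_prompt_show()
 * @parameters: request parameters; "host", "certificate" and
 *    "certificate-errors" are required, "markup" is optional
 *
 * Validates the request, decodes the certificate and shows the trust
 * prompt for it.
 *
 * Every parameter is supplied by the requester and is treated as
 * untrusted here: "certificate-errors" must be a complete, non-negative
 * hexadecimal number, otherwise the request is refused in the same way
 * as one with a missing parameter. Without that check a malformed value
 * would parse as 0 and the user would be shown a prompt that gives no
 * reason for the distrust.
 *
 * NOTE(review): "markup" is passed to trust_prompt_show() unchanged.
 * Whether it is escaped or restricted before being rendered is not
 * visible from this function; confirm in trust_prompt_show().
 *
 * Returns: the result of trust_prompt_show(), or FALSE when a parameter
 *    is missing or malformed or the certificate cannot be parsed.
 */
static gboolean
trust_prompt_show_trust_prompt (EUserPrompterServerExtension *extension,
                                gint prompt_id,
                                const ENamedParameters *parameters)
{
	const gchar *host, *markup, *base64_cert, *cert_errs_str;
	gchar *cert_errs_end = NULL;
	gchar *reason;
	gint64 cert_errs;
	GcrParser *parser;
	GcrParsed *parsed = NULL;
	guchar *data;
	gsize data_length = 0;
	gboolean success = FALSE;
	GError *local_error = NULL;

	g_return_val_if_fail (extension != NULL, FALSE);
	g_return_val_if_fail (parameters != NULL, FALSE);

	/* Continue even if PKCS#11 module registration fails.
	 * Certificate details won't display correctly but the
	 * user can still respond to the prompt. */
	gcr_pkcs11_initialize (NULL, &local_error);
	if (local_error != NULL) {
		g_warning ("%s: %s", G_STRFUNC, local_error->message);
		g_clear_error (&local_error);
	}

	host = e_named_parameters_get (parameters, "host");
	markup = e_named_parameters_get (parameters, "markup");
	base64_cert = e_named_parameters_get (parameters, "certificate");
	cert_errs_str = e_named_parameters_get (parameters, "certificate-errors");

	g_return_val_if_fail (host != NULL, FALSE);
	g_return_val_if_fail (base64_cert != NULL, FALSE);
	g_return_val_if_fail (cert_errs_str != NULL, FALSE);

	/* Validate before anything is allocated, so the early return
	 * has nothing to release. Out-of-range input makes
	 * g_ascii_strtoll() return G_MININT64 or G_MAXINT64, which the
	 * range test rejects as well. */
	cert_errs = g_ascii_strtoll (cert_errs_str, &cert_errs_end, 16);
	if (cert_errs_end == cert_errs_str || *cert_errs_end != '\0' ||
	    cert_errs < 0 || cert_errs > G_MAXUINT32) {
		g_warning (
			"%s: Invalid certificate-errors value '%s'",
			G_STRFUNC, cert_errs_str);
		return FALSE;
	}

	reason = cert_errors_to_reason ((GTlsCertificateFlags) cert_errs);

	parser = gcr_parser_new ();

	/* The callback stores a reference to the parsed item in 'parsed'. */
	g_signal_connect (
		parser, "parsed",
		G_CALLBACK (parser_parsed_cb), &parsed);

	data = g_base64_decode (base64_cert, &data_length);
	gcr_parser_parse_data (parser, data, data_length, &local_error);
	g_free (data);

	g_object_unref (parser);

	/* Sanity check: exactly one of 'parsed' and 'local_error' is
	 * expected to be set once parsing has finished. */
	g_warn_if_fail (
		((parsed != NULL) && (local_error == NULL)) ||
		((parsed == NULL) && (local_error != NULL)));

	if (parsed != NULL) {
		success = trust_prompt_show (
			extension, prompt_id, host, markup, parsed, reason);
		gcr_parsed_unref (parsed);
	}

	if (local_error != NULL) {
		g_warning ("%s: %s", G_STRFUNC, local_error->message);
		g_clear_error (&local_error);
	}

	g_free (reason);

	return success;
}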
/*
 * register_dialogs implementation: announces the single dialog this
 * extension provides, TRUST_PROMPT_DIALOG, to the prompter server.
 */
static void
trust_prompt_register_dialogs (EExtension *extension,
                               EUserPrompterServer *server)
{
	e_user_prompter_server_register (
		server, extension, TRUST_PROMPT_DIALOG);
}
/*
 * prompt implementation: dispatches a prompt request by dialog name.
 * Only TRUST_PROMPT_DIALOG is handled; any other name, including NULL
 * (g_strcmp0() is NULL-safe), is refused with FALSE.
 */
static gboolean
trust_prompt_prompt (EUserPrompterServerExtension *extension,
                     gint prompt_id,
                     const gchar *dialog_name,
                     const ENamedParameters *parameters)
{
	if (g_strcmp0 (dialog_name, TRUST_PROMPT_DIALOG) != 0)
		return FALSE;

	return trust_prompt_show_trust_prompt (extension, prompt_id, parameters);
}
/*
 * Class initializer: installs this module's implementations of the two
 * prompter-extension virtual methods.
 */
static void
e_trust_prompt_class_init (ETrustPromptClass *class)
{
	EUserPrompterServerExtensionClass *extension_class =
		E_USER_PROMPTER_SERVER_EXTENSION_CLASS (class);

	extension_class->register_dialogs = trust_prompt_register_dialogs;
	extension_class->prompt = trust_prompt_prompt;
}
/* Class finalizer required by G_DEFINE_DYNAMIC_TYPE; there is no
 * class-level state to release. */
static void
e_trust_prompt_class_finalize (ETrustPromptClass *class)
{
}
/* Instance initializer; the extension keeps no per-instance state. */
static void
e_trust_prompt_init (ETrustPrompt *trust_prompt)
{
}
/*
 * Module entry point: registers the ETrustPrompt dynamic type with the
 * type module that is loading this file.
 */
G_MODULE_EXPORT void
e_module_load (GTypeModule *type_module)
{
	/* Generated by G_DEFINE_DYNAMIC_TYPE. */
	e_trust_prompt_register_type (type_module);
}
241 e_module_unload (GTypeModule *type_module)