#include <gcr/gcr.h>
#include <telepathy-glib/util.h>
-#include "gcr-simple-certificate.h"
+#include <gcr/gcr.h>
#define DEBUG_FLAG EMPATHY_DEBUG_TLS
#include <libempathy/empathy-debug.h>
details = priv->details;
g_string_append (str, _("The identity provided by the chat server cannot be "
- "verified.\n"));
+ "verified."));
+ g_string_append (str, "\n\n");
switch (reason)
{
case EMP_TLS_CERTIFICATE_REJECT_REASON_UNTRUSTED:
reason_str = _("The certificate is not signed by a Certification "
- "Authority");
+ "Authority.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_EXPIRED:
- reason_str = _("The certificate has expired");
+ reason_str = _("The certificate has expired.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_NOT_ACTIVATED:
- reason_str = _("The certificate hasn't yet been activated");
+ reason_str = _("The certificate hasn't yet been activated.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_FINGERPRINT_MISMATCH:
- reason_str = _("The certificate does not have the expected fingerprint");
+ reason_str = _("The certificate does not have the expected fingerprint.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_HOSTNAME_MISMATCH:
reason_str = _("The hostname verified by the certificate doesn't match "
- "the server name");
+ "the server name.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_SELF_SIGNED:
- reason_str = _("The certificate is self-signed");
+ reason_str = _("The certificate is self-signed.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_REVOKED:
reason_str = _("The certificate has been revoked by the issuing "
- "Certification Authority");
+ "Certification Authority.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_INSECURE:
- reason_str = _("The certificate is cryptographically weak");
+ reason_str = _("The certificate is cryptographically weak.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_LIMIT_EXCEEDED:
- reason_str = _("The certificate length exceeds verifiable limits");
+ reason_str = _("The certificate length exceeds verifiable limits.");
break;
case EMP_TLS_CERTIFICATE_REJECT_REASON_UNKNOWN:
default:
- reason_str = _("The certificate is malformed");
+ reason_str = _("The certificate is malformed.");
break;
}
- g_string_append_printf (str, "%s.", reason_str);
+ g_string_append (str, reason_str);
/* add more information in case of HOSTNAME_MISMATCH */
if (reason == EMP_TLS_CERTIFICATE_REJECT_REASON_HOSTNAME_MISMATCH)
if (expected_hostname != NULL && certificate_hostname != NULL)
{
- g_string_append (str, "\n");
+ g_string_append (str, "\n\n");
g_string_append_printf (str, _("Expected hostname: %s"),
expected_hostname);
g_string_append (str, "\n");
static GtkWidget *
build_gcr_widget (EmpathyTLSDialog *self)
{
- GcrCertificateBasicsWidget *widget;
+ GcrCertificateWidget *widget;
GcrCertificate *certificate;
GPtrArray *cert_chain = NULL;
GArray *first_cert;
+ int height;
EmpathyTLSDialogPriv *priv = GET_PRIV (self);
g_object_get (priv->certificate,
certificate = gcr_simple_certificate_new ((const guchar *) first_cert->data,
first_cert->len);
- widget = gcr_certificate_basics_widget_new (certificate);
+ widget = gcr_certificate_widget_new (certificate);
+
+ /* FIXME: make this widget bigger by default -- GTK+ should really handle
+ * this sort of thing for us */
+ gtk_widget_get_preferred_height (GTK_WIDGET (widget), NULL, &height);
+ /* force the widget to at least 150 pixels high */
+ gtk_widget_set_size_request (GTK_WIDGET (widget), -1, MAX (height, 150));
g_object_unref (certificate);
g_ptr_array_unref (cert_chain);
g_object_notify (G_OBJECT (self), "remember");
}
+static void
+certificate_invalidated_cb (EmpathyTLSCertificate *certificate,
+ guint domain,
+ gint code,
+ gchar *message,
+ EmpathyTLSDialog *self)
+{
+ gtk_widget_destroy (GTK_WIDGET (self));
+}
+
static void
empathy_tls_dialog_constructed (GObject *object)
{
text = reason_to_string (self);
g_object_set (message_dialog,
+ "title", _("Untrusted connection"),
"text", _("This connection is untrusted. Would you like to "
"continue anyway?"),
"secondary-text", text,
content_area = gtk_dialog_get_content_area (dialog);
- /* FIXME: right now we do this only if the error is SelfSigned, as we can
- * easily store the new CA cert in $XDG_CONFIG_DIR/telepathy/certs in that
- * case. For the other errors, we probably need a smarter/more powerful
- * certificate storage.
- */
- if (priv->reason == EMP_TLS_CERTIFICATE_REJECT_REASON_SELF_SIGNED)
- {
- checkbox = gtk_check_button_new_with_label (
- _("Remember this choice for future connections"));
- gtk_box_pack_end (GTK_BOX (content_area), checkbox, FALSE, FALSE, 0);
- gtk_widget_show (checkbox);
-
- g_signal_connect (checkbox, "toggled",
- G_CALLBACK (checkbox_toggled_cb), self);
- }
+ checkbox = gtk_check_button_new_with_label (
+ _("Remember this choice for future connections"));
+ gtk_box_pack_end (GTK_BOX (content_area), checkbox, FALSE, FALSE, 0);
+ gtk_widget_show (checkbox);
+ g_signal_connect (checkbox, "toggled", G_CALLBACK (checkbox_toggled_cb),
+ self);
text = g_strdup_printf ("<b>%s</b>", _("Certificate Details"));
expander = gtk_expander_new (text);
details = build_gcr_widget (self);
gtk_container_add (GTK_CONTAINER (expander), details);
gtk_widget_show (details);
+
+ gtk_window_set_keep_above (GTK_WINDOW (self), TRUE);
+
+ tp_g_signal_connect_object (priv->certificate, "invalidated",
+ G_CALLBACK (certificate_invalidated_cb), self, 0);
}
static void