diff options
author | Milan Crha <mcrha@redhat.com> | 2019-02-18 19:02:38 +0100 |
---|---|---|
committer | Milan Crha <mcrha@redhat.com> | 2019-02-18 19:02:38 +0100 |
commit | eeef8c7b992b5fb0a8ec883d487f6b173cba312d (patch) | |
tree | 75613db42462780263e04d92fc3d6ea3e86a4ab9 | |
parent | e54f13d564cdc2eedaa44fbd5126ea3adacdf72b (diff) | |
download | evolution-data-server-eeef8c7b992b5fb0a8ec883d487f6b173cba312d.tar.gz |
I#86 - Rejecting connection certificate causes constant connection retries
Closes https://gitlab.gnome.org/GNOME/evolution-data-server/issues/86
-rw-r--r-- | src/calendar/libedata-cal/e-cal-meta-backend.c | 5 | ||||
-rw-r--r-- | src/libebackend/e-backend.c | 5 | ||||
-rw-r--r-- | src/libedataserver/e-source-webdav.c | 50 | ||||
-rw-r--r-- | src/libedataserver/e-source-webdav.h | 6 | ||||
-rw-r--r-- | src/libedataserverui/e-trust-prompt.c | 78 |
5 files changed, 102 insertions, 42 deletions
diff --git a/src/calendar/libedata-cal/e-cal-meta-backend.c b/src/calendar/libedata-cal/e-cal-meta-backend.c index fbad412d8..fbd1e62d5 100644 --- a/src/calendar/libedata-cal/e-cal-meta-backend.c +++ b/src/calendar/libedata-cal/e-cal-meta-backend.c @@ -2903,7 +2903,10 @@ ecmb_authenticate_sync (EBackend *backend, if (auth_result == E_SOURCE_AUTHENTICATION_UNKNOWN) auth_result = E_SOURCE_AUTHENTICATION_ERROR; - e_source_set_connection_status (e_backend_get_source (backend), E_SOURCE_CONNECTION_STATUS_DISCONNECTED); + e_source_set_connection_status (e_backend_get_source (backend), + auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ? + E_SOURCE_CONNECTION_STATUS_SSL_FAILED : + E_SOURCE_CONNECTION_STATUS_DISCONNECTED); } g_mutex_unlock (&meta_backend->priv->connect_lock); diff --git a/src/libebackend/e-backend.c b/src/libebackend/e-backend.c index 40d94a5bf..9b6e8c7d4 100644 --- a/src/libebackend/e-backend.c +++ b/src/libebackend/e-backend.c @@ -446,7 +446,10 @@ backend_source_authenticate_thread (gpointer user_data) } else { GError *local_error2 = NULL; - e_source_set_connection_status (source, E_SOURCE_CONNECTION_STATUS_DISCONNECTED); + e_source_set_connection_status (source, + auth_result == E_SOURCE_AUTHENTICATION_ERROR_SSL_FAILED ? + E_SOURCE_CONNECTION_STATUS_SSL_FAILED : + E_SOURCE_CONNECTION_STATUS_DISCONNECTED); if (!e_source_invoke_credentials_required_sync (source, reason, certificate_pem, certificate_errors, local_error, thread_data->cancellable, &local_error2)) { diff --git a/src/libedataserver/e-source-webdav.c b/src/libedataserver/e-source-webdav.c index 7f98e1756..dfc679add 100644 --- a/src/libedataserver/e-source-webdav.c +++ b/src/libedataserver/e-source-webdav.c @@ -1533,3 +1533,53 @@ e_source_webdav_unset_temporary_ssl_trust (ESourceWebdav *extension) response == E_TRUST_PROMPT_RESPONSE_ACCEPT_TEMPORARILY) e_source_webdav_set_ssl_trust (extension, NULL); } + +/** + * e_source_webdav_get_ssl_trust_response: + * @extension: an #ESourceWebdav + * + * Returns: the last SSL trust response, as #ETrustPromptResponse, if none + * is set, then returns %E_TRUST_PROMPT_RESPONSE_UNKNOWN + * + * Since: 3.32 + **/ +ETrustPromptResponse +e_source_webdav_get_ssl_trust_response (ESourceWebdav *extension) +{ + ETrustPromptResponse response = E_TRUST_PROMPT_RESPONSE_UNKNOWN; + + g_return_val_if_fail (E_IS_SOURCE_WEBDAV (extension), E_TRUST_PROMPT_RESPONSE_UNKNOWN); + + if (!decode_ssl_trust (extension, &response, NULL, NULL)) + response = E_TRUST_PROMPT_RESPONSE_UNKNOWN; + + return response; +} + +/** + * e_source_webdav_set_ssl_trust_response: + * @extension: an #ESourceWebdav + * @response: an #ETrustPromptResponse to set + * + * Set the SSL trust response, as #ETrustPromptResponse, while keeping + * the certificate and host information as before. The function does + * nothing, when none SSL trust is set or when %E_TRUST_PROMPT_RESPONSE_UNKNOWN + * is used as the @response. + * + * Since: 3.32 + **/ +void +e_source_webdav_set_ssl_trust_response (ESourceWebdav *extension, + ETrustPromptResponse response) +{ + gchar *host = NULL, *hash = NULL; + + g_return_if_fail (E_IS_SOURCE_WEBDAV (extension)); + + if (response != E_TRUST_PROMPT_RESPONSE_UNKNOWN && + decode_ssl_trust (extension, NULL, &host, &hash)) + encode_ssl_trust (extension, response, host, hash); + + g_free (host); + g_free (hash); +} diff --git a/src/libedataserver/e-source-webdav.h b/src/libedataserver/e-source-webdav.h index 1a9173361..f1c8da856 100644 --- a/src/libedataserver/e-source-webdav.h +++ b/src/libedataserver/e-source-webdav.h @@ -147,6 +147,12 @@ ETrustPromptResponse GTlsCertificateFlags cert_errors); void e_source_webdav_unset_temporary_ssl_trust (ESourceWebdav *extension); +ETrustPromptResponse + e_source_webdav_get_ssl_trust_response + (ESourceWebdav *extension); +void e_source_webdav_set_ssl_trust_response + (ESourceWebdav *extension, + ETrustPromptResponse response); G_END_DECLS diff --git a/src/libedataserverui/e-trust-prompt.c b/src/libedataserverui/e-trust-prompt.c index 50d7634ee..71c217427 100644 --- a/src/libedataserverui/e-trust-prompt.c +++ b/src/libedataserverui/e-trust-prompt.c @@ -604,57 +604,55 @@ e_trust_prompt_run_for_source (GtkWindow *parent, certificate = g_tls_certificate_new_from_pem (certificate_pem, -1, &save_data->error); if (certificate) { + const gchar *source_extension = NULL; + if (extension_webdav && host) save_data->response = e_source_webdav_verify_ssl_trust (extension_webdav, host, certificate, 0); else save_data->response = E_TRUST_PROMPT_RESPONSE_REJECT_TEMPORARILY; - if (save_data->response != E_TRUST_PROMPT_RESPONSE_REJECT) { - const gchar *source_extension = NULL; - - if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK)) - source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK; - - if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) { - if (!source_extension) - source_extension = E_SOURCE_EXTENSION_CALENDAR; - else - source_extension = E_SOURCE_EXTENSION_COLLECTION; - } + if (e_source_has_extension (source, E_SOURCE_EXTENSION_ADDRESS_BOOK)) + source_extension = E_SOURCE_EXTENSION_ADDRESS_BOOK; - if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) { - if (!source_extension) - source_extension = E_SOURCE_EXTENSION_MEMO_LIST; - else - source_extension = E_SOURCE_EXTENSION_COLLECTION; - } + if (e_source_has_extension (source, E_SOURCE_EXTENSION_CALENDAR)) { + if (!source_extension) + source_extension = E_SOURCE_EXTENSION_CALENDAR; + else + source_extension = E_SOURCE_EXTENSION_COLLECTION; + } - if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) { - if (!source_extension) - source_extension = E_SOURCE_EXTENSION_TASK_LIST; - else - source_extension = E_SOURCE_EXTENSION_COLLECTION; - } + if (e_source_has_extension (source, E_SOURCE_EXTENSION_MEMO_LIST)) { + if (!source_extension) + source_extension = E_SOURCE_EXTENSION_MEMO_LIST; + else + source_extension = E_SOURCE_EXTENSION_COLLECTION; + } - if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) { - if (!source_extension) - source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT; - else - source_extension = E_SOURCE_EXTENSION_COLLECTION; - } + if (e_source_has_extension (source, E_SOURCE_EXTENSION_TASK_LIST)) { + if (!source_extension) + source_extension = E_SOURCE_EXTENSION_TASK_LIST; + else + source_extension = E_SOURCE_EXTENSION_COLLECTION; + } - if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) { - if (!source_extension) - source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT; - else - source_extension = E_SOURCE_EXTENSION_COLLECTION; - } + if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_ACCOUNT)) { + if (!source_extension) + source_extension = E_SOURCE_EXTENSION_MAIL_ACCOUNT; + else + source_extension = E_SOURCE_EXTENSION_COLLECTION; + } - save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent, - source_extension, e_source_get_display_name (source), host, - certificate_pem, certificate_errors, error_text, - trust_prompt_listen_for_source_changes_cb, source); + if (e_source_has_extension (source, E_SOURCE_EXTENSION_MAIL_TRANSPORT)) { + if (!source_extension) + source_extension = E_SOURCE_EXTENSION_MAIL_TRANSPORT; + else + source_extension = E_SOURCE_EXTENSION_COLLECTION; } + + save_data->response = e_trust_prompt_run_with_dialog_ready_callback (parent, + source_extension, e_source_get_display_name (source), host, + certificate_pem, certificate_errors, error_text, + trust_prompt_listen_for_source_changes_cb, source); } g_signal_handlers_disconnect_matched (source, G_SIGNAL_MATCH_FUNC, 0, 0, NULL, |