From 6d947c42b5e573cb350a1354a47a3a806a22cbb2 Mon Sep 17 00:00:00 2001
From: fiaxh
Date: Sat, 15 Sep 2018 16:11:05 +0200
Subject: [PATCH] Notification on TLS error/wrong password, log TLS cert issues, don't make account with connection error appear disabled in accounts dialog
---
 libdino/src/service/notification_events.vala | 2 ++
 main/src/ui/manage_accounts/dialog.vala | 9 ---------
 main/src/ui/notifications.vala | 14 ++++++++++++++
 xmpp-vala/src/module/tls.vala | 15 +++++++++++++++
 .../src/module/xep/0368_srv_records_tls.vala | 5 +++--
 5 files changed, 34 insertions(+), 11 deletions(-)
diff --git a/libdino/src/service/notification_events.vala b/libdino/src/service/notification_events.vala
index 13fef3e3..2d6a2545 100644
--- a/libdino/src/service/notification_events.vala
+++ b/libdino/src/service/notification_events.vala
@@ -11,6 +11,7 @@ public class NotificationEvents : StreamInteractionModule, Object {
 public signal void notify_message(Message message, Conversation conversation);
 public signal void notify_subscription_request(Conversation conversation);
+ public signal void notify_connection_error(Account account, ConnectionManager.ConnectionError error);
 private StreamInteractor stream_interactor;
@@ -39,6 +40,7 @@ public class NotificationEvents : StreamInteractionModule, Object {
 }
 mam_potential_new[account].clear();
 });
+ stream_interactor.connection_manager.connection_error.connect((account, error) => notify_connection_error(account, error));
 }
 private void on_message_received(Entities.Message message, Conversation conversation) {
diff --git a/main/src/ui/manage_accounts/dialog.vala b/main/src/ui/manage_accounts/dialog.vala
index 5706fc8c..1a370349 100644
--- a/main/src/ui/manage_accounts/dialog.vala
+++ b/main/src/ui/manage_accounts/dialog.vala
@@ -215,15 +215,6 @@ public class Dialog : Gtk.Dialog { if (error != null) { state_label.label = get_connection_error_description(error); state_label.get_style_context().add_class("is_error"); - - if (error.source == ConnectionManager.ConnectionError.Source.SASL || - error.source == ConnectionManager.ConnectionError.Source.TLS || - error.reconnect_recomendation == ConnectionManager.ConnectionError.Reconnect.NEVER) { - active_switch.state_set.disconnect(change_account_state); - active_switch.active = false; - active_switch.state_set.connect(change_account_state); - } - } else { ConnectionManager.ConnectionState state = stream_interactor.connection_manager.get_state(account); switch (state) { diff --git a/main/src/ui/notifications.vala b/main/src/ui/notifications.vala index f7540a4d..b0a4fe1b 100644 --- a/main/src/ui/notifications.vala +++ b/main/src/ui/notifications.vala @@ -43,6 +43,7 @@ public class Notifications : Object { public void start() { stream_interactor.get_module(NotificationEvents.IDENTITY).notify_message.connect(notify_message); stream_interactor.get_module(NotificationEvents.IDENTITY).notify_subscription_request.connect(notify_subscription_request); + stream_interactor.get_module(NotificationEvents.IDENTITY).notify_connection_error.connect(notify_connection_error); } private void notify_message(Entities.Message message, Conversation conversation) { 
@@ -79,6 +80,19 @@ public class Notifications : Object {
 active_ids.add(conversation.id.to_string() + "-subscription");
 }
+ private void notify_connection_error(Account account, ConnectionManager.ConnectionError error) {
+ Notification notification = new Notification(_("Failed connecting to %s").printf(account.bare_jid.domainpart));
+ switch (error.source) {
+ case ConnectionManager.ConnectionError.Source.SASL:
+ notification.set_body("Wrong password");
+ break;
+ case ConnectionManager.ConnectionError.Source.TLS:
+ notification.set_body("Invalid TLS certificate");
+ break;
+ }
+ window.get_application().send_notification(account.id.to_string() + "-connection-error", notification);
+ }
+
 private Icon get_pixbuf_icon(Cairo.ImageSurface surface) throws Error {
 Gdk.Pixbuf avatar = Gdk.pixbuf_get_from_surface(surface, 0, 0, surface.get_width(), surface.get_height());
 uint8[] buffer;
diff --git a/xmpp-vala/src/module/tls.vala b/xmpp-vala/src/module/tls.vala
index 7118a321..f2d58d32 100644
--- a/xmpp-vala/src/module/tls.vala
+++ b/xmpp-vala/src/module/tls.vala
@@ -4,6 +4,7 @@ namespace Xmpp.Tls {
 public class Module : XmppStreamNegotiationModule {
 public static ModuleIdentity IDENTITY = new ModuleIdentity(NS_URI, "tls_module");
+ public signal void invalid_certificate(TlsCertificate peer_cert, TlsCertificateFlags errors);
 public bool require { get; set; default = true; }
 public bool server_supports_tls = false;
 public bool server_requires_tls = false;
@@ -27,6 +28,7 @@ namespace Xmpp.Tls {
 var conn = TlsClientConnection.new(io_stream, identity);
 stream.reset_stream(conn);
+ conn.accept_certificate.connect(on_invalid_certificate);
 var flag = stream.get_flag(Flag.IDENTITY);
 flag.peer_certificate = conn.get_peer_certificate();
 flag.finished = true;
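Review bot: The `switch (error.source)` in `notify_connection_error` has no default branch, so any source other than SASL or TLS still sends a notification that has a title and no body. Since the lambda added in notification_events.vala forwards every `connection_error` unfiltered, transient failures would presumably raise a desktop notification as well, which is wider than the "TLS error/wrong password" scope named in the commit subject. Adding `default: return;` as the last branch of the switch would limit notifications to the two handled sources. The body strings are also not translatable while the title is; `notification.set_body(_("Invalid TLS certificate"));` and the same for "Wrong password" would match it.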
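Review bot: In the `@@ -27,6 +28,7 @@` hunk of tls.vala, `conn.accept_certificate.connect(on_invalid_certificate);` is attached only after `stream.reset_stream(conn)`, whereas the direct-TLS path in 0368_srv_records_tls.vala attaches the handler immediately after constructing the connection. `reset_stream` is not visible here; if it can start I/O on the new connection, the handshake could begin before the logging handler is connected and a rejected certificate would go unlogged. Moving the connect call to the line directly after `var conn = TlsClientConnection.new(io_stream, identity);` makes both paths consistent. The enclosing method starts and ends outside the hunk.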
@@ -56,6 +58,19 @@ namespace Xmpp.Tls {
 }
 }
+ public static bool on_invalid_certificate(TlsCertificate peer_cert, TlsCertificateFlags errors) {
+ string error_str = "";
+ foreach (var f in new TlsCertificateFlags[]{TlsCertificateFlags.UNKNOWN_CA, TlsCertificateFlags.BAD_IDENTITY,
+ TlsCertificateFlags.NOT_ACTIVATED, TlsCertificateFlags.EXPIRED, TlsCertificateFlags.REVOKED,
+ TlsCertificateFlags.INSECURE, TlsCertificateFlags.GENERIC_ERROR, TlsCertificateFlags.VALIDATE_ALL}) {
+ if (f in errors) {
+ error_str += @"$(f), ";
+ }
+ }
+ warning(@"Tls Certificate Errors: $(error_str)");
+ return false;
+ }
+
 public override bool mandatory_outstanding(XmppStream stream) {
 return require && (!stream.has_flag(Flag.IDENTITY) || !stream.get_flag(Flag.IDENTITY).finished);
 }
diff --git a/xmpp-vala/src/module/xep/0368_srv_records_tls.vala b/xmpp-vala/src/module/xep/0368_srv_records_tls.vala
index 8da8ba0c..87c8e433 100644
--- a/xmpp-vala/src/module/xep/0368_srv_records_tls.vala
+++ b/xmpp-vala/src/module/xep/0368_srv_records_tls.vala
@@ -37,9 +37,10 @@ public class TlsConnectionProvider : ConnectionProvider {
 SocketClient client = new SocketClient();
 try {
 IOStream? io_stream = yield client.connect_to_host_async(srv_target.get_hostname(), srv_target.get_port());
- io_stream = TlsClientConnection.new(io_stream, new NetworkAddress(stream.remote_name.to_string(), srv_target.get_port()));
+ TlsConnection tls_connection = TlsClientConnection.new(io_stream, new NetworkAddress(stream.remote_name.to_string(), srv_target.get_port()));
+ tls_connection.accept_certificate.connect(Tls.Module.on_invalid_certificate);
 stream.add_flag(new Tls.Flag() { finished=true });
- return io_stream;
+ return tls_connection;
 } catch (Error e) {
 return null;
 }
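Review bot: The warning written by `on_invalid_certificate` lists only the flag names, so the log cannot show which server or certificate failed validation; `peer_cert` is received but never used, and the message would be more useful for triage if it also named the peer. Because the handler is static it cannot emit the `invalid_certificate` signal declared on `Module` in the first tls.vala hunk, which leaves that signal unused in the visible code. `TlsCertificateFlags.VALIDATE_ALL` is the combined mask, so `f in errors` presumably matches it only when every flag is set and it can be dropped from the list. A comment above `return false;` such as `// Logging only: always return false so the certificate stays rejected.` would document the fail-closed intent for anyone extending the handler.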