static void
init_infinity (GeditCollaborationWindowHelper *helper)
{
InfGtkIo *io;
InfCommunicationManager *communication_manager;
InfXmppManager *xmpp_manager;
InfCertificateCredentials *certificate_credentials;
InfGtkBrowserModel *model_sort;
io = inf_gtk_io_new ();
communication_manager = inf_communication_manager_new ();
xmpp_manager = inf_xmpp_manager_new ();
certificate_credentials = inf_certificate_credentials_new ();
helper->priv->io = INF_IO (io);
helper->priv->certificate_credentials = certificate_credentials;
helper->priv->browser_store = inf_gtk_browser_store_new (INF_IO (io),
communication_manager);
model_sort = INF_GTK_BROWSER_MODEL (
inf_gtk_browser_model_sort_new (
INF_GTK_BROWSER_MODEL (helper->priv->browser_store)
)
);
gtk_tree_sortable_set_default_sort_func (GTK_TREE_SORTABLE (model_sort),
compare_func,
NULL,
NULL);
helper->priv->browser_view =
inf_gtk_browser_view_new_with_model (model_sort);
gtk_widget_show (helper->priv->browser_view);
g_signal_connect_after (helper->priv->browser_store,
"set-browser",
G_CALLBACK (on_set_browser),
helper);
g_signal_connect (helper->priv->browser_view,
"selection-changed",
G_CALLBACK (on_selection_changed),
helper);
g_signal_connect (helper->priv->browser_view,
"populate-popup",
G_CALLBACK (on_populate_popup),
helper);
g_signal_connect (helper->priv->browser_view,
"activate",
G_CALLBACK (on_browser_activate),
helper);
#ifdef LIBINFINITY_HAVE_AVAHI
init_infinity_discovery (helper, xmpp_manager);
#endif
init_bookmarks (helper);
g_object_unref (communication_manager);
g_object_unref (xmpp_manager);
}
static gboolean
inf_test_certificate_validate_run(const InfTestCertificateValidateDesc* desc,
GError** error)
{
InfIo* io;
InfdXmppServer* server;
InfXmppManager* xmpp_manager;
InfCertificateVerify* verify;
InfXmppConnection* client;
gchar* pinned_file;
InfXmlConnectionStatus status;
InfTestCertificateValidateCheckCertificateData check_certificate_data;
gboolean result;
GError* conn_error;
GHashTable* pinned;
gnutls_x509_crt_t pinned_cert;
InfCertificateChain* current_cert;
gboolean cert_equal;
/* Setup server */
io = INF_IO(inf_standalone_io_new());
server = inf_test_certificate_setup_server(
io,
desc->key_file,
desc->cert_file,
error
);
if(server == NULL)
{
g_object_unref(io);
return FALSE;
}
/* Create client */
pinned_file = inf_test_validate_setup_pin(
desc->hostname,
desc->pinned_certificate,
error
);
if(pinned_file == NULL)
{
g_object_unref(server);
g_object_unref(io);
return FALSE;
}
xmpp_manager = inf_xmpp_manager_new();
verify = inf_certificate_verify_new(xmpp_manager, pinned_file);
check_certificate_data.did_query = FALSE;
check_certificate_data.accept_query = desc->accept_query;
g_signal_connect(
G_OBJECT(verify),
"check-certificate",
G_CALLBACK(inf_test_certificate_validate_check_certificate),
&check_certificate_data
);
client = inf_test_certificate_validate_setup_client(
io,
desc->ca_file,
desc->hostname,
error
);
if(client == NULL)
{
g_unlink(pinned_file);
g_free(pinned_file);
g_object_unref(io);
g_object_unref(xmpp_manager);
g_object_unref(verify);
g_object_unref(server);
return FALSE;
}
inf_xmpp_manager_add_connection(xmpp_manager, client);
/* Okay, now watch for status changes on the client or whether a dialog
* appears. */
g_signal_connect(
G_OBJECT(client),
"notify::status",
G_CALLBACK(inf_test_validate_certificate_notify_status_cb),
io
);
conn_error = NULL;
g_signal_connect(
G_OBJECT(client),
"error",
G_CALLBACK(inf_test_validate_certificate_error_cb),
&conn_error
);
inf_standalone_io_loop(INF_STANDALONE_IO(io));
g_object_unref(io);
/* Evaluate result */
result = TRUE;
g_object_get(G_OBJECT(client), "status", &status, NULL);
if(status == INF_XML_CONNECTION_OPEN)
{
g_assert(conn_error == NULL);
if(check_certificate_data.did_query == TRUE &&
desc->expectation != INF_TEST_CERTIFICATE_VALIDATE_EXPECT_QUERY_ACCEPT)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
3,
"Certificate queried and accepted but not expected to"
);
result = FALSE;
}
else if(check_certificate_data.did_query == FALSE &&
desc->expectation != INF_TEST_CERTIFICATE_VALIDATE_EXPECT_ACCEPT)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
0,
"Certificate accepted but not expected to"
);
result = FALSE;
}
}
else
{
g_assert(check_certificate_data.did_query || conn_error != NULL);
/* TODO: The certificate verification result is not preserved at
* the moment. We could change this in
* inf_xmpp_connection_certificate_verify_cancel such that the existing
* error is used if any, or otherwise our own is created. */
if(conn_error != NULL &&
conn_error->domain != inf_xmpp_connection_error_quark() &&
conn_error->code != INF_XMPP_CONNECTION_ERROR_CERTIFICATE_NOT_TRUSTED)
{
g_propagate_error(error, conn_error);
conn_error = NULL;
result = FALSE;
}
else if(check_certificate_data.did_query == TRUE &&
desc->expectation != INF_TEST_CERTIFICATE_VALIDATE_EXPECT_QUERY_REJECT)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
2,
"Certificate queried and rejected but not expected to"
);
result = FALSE;
}
else if(check_certificate_data.did_query == FALSE &&
desc->expectation != INF_TEST_CERTIFICATE_VALIDATE_EXPECT_REJECT)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
1,
"Certificate rejected but not expected to"
);
result = FALSE;
}
if(conn_error != NULL)
{
g_error_free(conn_error);
conn_error = NULL;
}
}
/* If we got the expected result, check whether the host was correctly
* pinned or not. */
if(result == TRUE)
{
pinned = inf_cert_util_read_certificate_map(pinned_file, error);
if(pinned == NULL)
{
result = FALSE;
}
else
{
pinned_cert = g_hash_table_lookup(pinned, desc->hostname);
cert_equal = FALSE;
if(pinned_cert != NULL)
{
g_object_get(
G_OBJECT(client),
"remote-certificate", ¤t_cert,
NULL
);
cert_equal = inf_cert_util_compare_fingerprint(
pinned_cert,
inf_certificate_chain_get_own_certificate(current_cert),
&conn_error
);
inf_certificate_chain_unref(current_cert);
}
if(conn_error != NULL)
{
g_propagate_error(error, conn_error);
conn_error = NULL;
}
else if(cert_equal == TRUE && desc->expect_pinned == FALSE)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
4,
"Certificate was pinned but not expected to"
);
result = FALSE;
}
else if(pinned_cert == NULL && desc->expect_pinned == TRUE)
{
g_set_error(
error,
inf_test_certificate_validate_error(),
5,
"Certificate was not pinned but expected to"
);
result = FALSE;
}
g_hash_table_destroy(pinned);
}
}
g_unlink(pinned_file);
g_free(pinned_file);
g_object_unref(xmpp_manager);
g_object_unref(verify);
g_object_unref(server);
g_object_unref(client);
return result;
}
int
main(int argc,
char* argv[])
{
InfGtkIo* io;
InfConnectionManager* connection_manager;
#ifdef LIBINFINITY_HAVE_AVAHI
InfXmppManager* xmpp_manager;
InfDiscoveryAvahi* avahi;
#endif
InfGtkBrowserStore* store;
GtkWidget* view;
GtkWidget* scroll;
GtkWidget* window;
gtk_init(&argc, &argv);
gnutls_global_init();
io = inf_gtk_io_new();
#ifdef LIBINFINITY_HAVE_AVAHI
xmpp_manager = inf_xmpp_manager_new();
avahi = inf_discovery_avahi_new(INF_IO(io), xmpp_manager, NULL, NULL, NULL);
g_object_unref(G_OBJECT(xmpp_manager));
#endif
connection_manager = inf_connection_manager_new();
store = inf_gtk_browser_store_new(INF_IO(io), connection_manager, NULL);
g_object_unref(G_OBJECT(connection_manager));
g_object_unref(G_OBJECT(io));
g_signal_connect(
G_OBJECT(store),
"set-browser",
G_CALLBACK(on_set_browser),
NULL
);
#ifdef LIBINFINITY_HAVE_AVAHI
inf_gtk_browser_store_add_discovery(store, INF_DISCOVERY(avahi));
g_object_unref(G_OBJECT(avahi));
#endif
view = inf_gtk_browser_view_new_with_model(INF_GTK_BROWSER_MODEL(store));
g_object_unref(G_OBJECT(store));
gtk_widget_show(view);
g_signal_connect(
G_OBJECT(view),
"activate",
G_CALLBACK(on_activate),
NULL
);
scroll = gtk_scrolled_window_new(NULL, NULL);
gtk_scrolled_window_set_policy(
GTK_SCROLLED_WINDOW(scroll),
GTK_POLICY_AUTOMATIC,
GTK_POLICY_AUTOMATIC
);
gtk_scrolled_window_set_shadow_type(
GTK_SCROLLED_WINDOW(scroll),
GTK_SHADOW_IN
);
gtk_container_add(GTK_CONTAINER(scroll), view);
gtk_widget_show(scroll);
window = gtk_window_new(GTK_WINDOW_TOPLEVEL);
gtk_window_set_title(GTK_WINDOW(window),"Infinote Browser");
gtk_window_set_default_size(GTK_WINDOW(window), 400, 400);
gtk_window_set_icon_name(GTK_WINDOW(window), "infinote");
gtk_container_set_border_width(GTK_CONTAINER(window), 6);
gtk_container_add(GTK_CONTAINER(window), scroll);
gtk_widget_show(window);
g_signal_connect(G_OBJECT(window), "destroy", G_CALLBACK(on_destroy), NULL);
gtk_main();
return 0;
}