void Gobby::PreferencesDialog::Security::on_file_dialog_response_key(
int response_id)
{
const std::string filename = m_file_dialog->get_filename();
m_file_dialog.reset(NULL);
if(response_id == Gtk::RESPONSE_ACCEPT)
{
m_key_generator_handle = create_key(
GNUTLS_PK_RSA,
2048,
sigc::bind(
sigc::mem_fun(
*this,
&Security::on_key_generated),
filename));
on_credentials_changed();
}
}
void Gobby::PreferencesDialog::Security::on_file_dialog_response_certificate(
int response_id)
{
const std::string filename = m_file_dialog->get_filename();
m_file_dialog.reset(NULL);
if(response_id == Gtk::RESPONSE_ACCEPT &&
m_cert_manager.get_private_key() != NULL)
{
m_cert_generator_handle = create_self_signed_certificate(
m_cert_manager.get_private_key(),
sigc::bind(
sigc::mem_fun(
*this,
&Security::on_cert_generated),
filename));
on_credentials_changed();
}
}
Gobby::PreferencesDialog::Security::Security(Gtk::Window& parent,
FileChooser& file_chooser,
Preferences& preferences,
CertificateManager& cert_manager):
m_preferences(preferences), m_parent(parent), m_file_chooser(file_chooser),
m_cert_manager(cert_manager),
m_group_trust_file(_("Trusted CAs")),
m_group_connection_policy(_("Secure Connection")),
m_group_authentication(_("Authentication")),
m_btn_path_trust_file(_("Select a file containing trusted CAs")),
m_conn_path_trust_file(m_btn_path_trust_file,
preferences.security.trust_file),
m_error_trust_file("", GtkCompat::ALIGN_LEFT),
m_cmb_connection_policy(preferences.security.policy),
m_btn_auth_none(_("None")),
m_btn_auth_cert(_("Use a certificate")),
m_lbl_key_file(_("Private key:"), GtkCompat::ALIGN_LEFT),
m_btn_key_file(_("Select a private key file")),
m_conn_path_key_file(m_btn_key_file, preferences.security.key_file),
m_btn_key_file_create(_("Create New...")),
m_box_key_file(false, 6),
m_error_key_file("", GtkCompat::ALIGN_LEFT),
m_lbl_cert_file(_("Certificate:"), GtkCompat::ALIGN_LEFT),
m_btn_cert_file(_("Select a certificate file")),
m_conn_path_cert_file(m_btn_cert_file,
preferences.security.certificate_file),
m_btn_cert_file_create(_("Create New...")),
m_box_cert_file(false, 6),
m_error_cert_file("", GtkCompat::ALIGN_LEFT),
m_size_group(Gtk::SizeGroup::create(Gtk::SIZE_GROUP_HORIZONTAL)),
m_key_generator_handle(NULL), m_cert_generator_handle(NULL)
{
m_cert_manager.signal_credentials_changed().connect(
sigc::mem_fun(*this, &Security::on_credentials_changed));
m_btn_auth_cert.signal_toggled().connect(
sigc::mem_fun(*this, &Security::on_auth_cert_toggled));
m_btn_path_trust_file.set_width_chars(20);
const std::string& trust_file = preferences.security.trust_file;
if(!trust_file.empty())
m_btn_path_trust_file.set_filename(trust_file);
m_btn_path_trust_file.show();
m_group_trust_file.add(m_btn_path_trust_file);
m_group_trust_file.add(m_error_trust_file);
m_group_trust_file.show();
/* m_cmb_connection_policy.add(
_("Never use a secure connection"),
INF_XMPP_CONNECTION_SECURITY_ONLY_UNSECURED);*/
m_cmb_connection_policy.add(
_("Use TLS if possible"),
INF_XMPP_CONNECTION_SECURITY_BOTH_PREFER_TLS);
m_cmb_connection_policy.add(
_("Always use TLS"),
INF_XMPP_CONNECTION_SECURITY_ONLY_TLS);
m_cmb_connection_policy.show();
m_group_connection_policy.add(m_cmb_connection_policy);
m_group_connection_policy.show();
Gtk::RadioButton::Group group;
m_btn_auth_none.set_group(group);
m_btn_auth_none.show();
m_btn_auth_cert.set_group(group);
m_btn_auth_cert.show();
if(preferences.security.authentication_enabled)
m_btn_auth_cert.set_active(true);
else
m_btn_auth_none.set_active(true);
connect_option(m_btn_auth_cert,
preferences.security.authentication_enabled);
m_lbl_key_file.show();
m_btn_key_file.set_width_chars(20);
const std::string& key_file = preferences.security.key_file;
if(!key_file.empty())
{
m_conn_path_key_file.block();
m_btn_key_file.set_filename(key_file);
m_conn_path_key_file.unblock();
}
m_btn_key_file.show();
m_btn_key_file_create.signal_clicked().connect(
sigc::mem_fun(*this, &Security::on_create_key_clicked));
m_btn_key_file_create.show();
m_box_key_file.pack_start(m_lbl_key_file, Gtk::PACK_SHRINK);
m_box_key_file.pack_start(m_btn_key_file, Gtk::PACK_SHRINK);
m_box_key_file.pack_start(m_btn_key_file_create, Gtk::PACK_SHRINK);
m_box_key_file.set_sensitive(
preferences.security.authentication_enabled);
m_box_key_file.show();
m_lbl_cert_file.show();
m_btn_cert_file.set_width_chars(20);
const std::string& cert_file = preferences.security.certificate_file;
if(!cert_file.empty())
{
m_conn_path_cert_file.block();
m_btn_cert_file.set_filename(cert_file);
m_conn_path_cert_file.unblock();
}
m_btn_cert_file.show();
m_btn_cert_file_create.signal_clicked().connect(
sigc::mem_fun(*this, &Security::on_create_cert_clicked));
m_btn_cert_file_create.show();
m_box_cert_file.pack_start(m_lbl_cert_file, Gtk::PACK_SHRINK);
m_box_cert_file.pack_start(m_btn_cert_file, Gtk::PACK_SHRINK);
m_box_cert_file.pack_start(m_btn_cert_file_create, Gtk::PACK_SHRINK);
m_box_cert_file.set_sensitive(
preferences.security.authentication_enabled);
m_box_cert_file.show();
m_size_group->add_widget(m_lbl_key_file);
m_size_group->add_widget(m_lbl_cert_file);
m_group_authentication.add(m_btn_auth_none);
m_group_authentication.add(m_btn_auth_cert);
m_group_authentication.add(*indent(m_box_key_file));
m_group_authentication.add(*indent(m_error_key_file));
m_group_authentication.add(*indent(m_box_cert_file));
m_group_authentication.add(*indent(m_error_cert_file));
m_group_authentication.show();
on_credentials_changed();
add(m_group_trust_file, false);
add(m_group_connection_policy, false);
add(m_group_authentication, false);
}
Gobby::PreferencesDialog::Security::Security(
const Glib::RefPtr<Gtk::Builder>& builder,
FileChooser& file_chooser, Preferences& preferences,
CertificateManager& cert_manager)
:
m_preferences(preferences),
m_file_chooser(file_chooser),
m_cert_manager(cert_manager)
{
builder->get_widget("trust-default-cas", m_btn_use_system_trust);
builder->get_widget("additionally-trusted-cas", m_btn_path_trust_file);
builder->get_widget("ca-error-message", m_error_trust_file);
builder->get_widget_derived("secure-connection",
m_cmb_connection_policy);
builder->get_widget("authentication-none", m_btn_auth_none);
builder->get_widget("authentication-certificate", m_btn_auth_cert);
builder->get_widget("grid-auth-certificate", m_grid_auth_cert);
builder->get_widget("private-key-file", m_btn_key_file);
builder->get_widget("create-private-key", m_btn_key_file_create);
builder->get_widget("key-error-message", m_error_key_file);
builder->get_widget("certificate-file", m_btn_cert_file);
builder->get_widget("create-certificate", m_btn_cert_file_create);
builder->get_widget("cert-error-message", m_error_cert_file);
m_cert_manager.signal_credentials_changed().connect(
sigc::mem_fun(*this, &Security::on_credentials_changed));
m_btn_auth_cert->signal_toggled().connect(
sigc::mem_fun(*this, &Security::on_auth_cert_toggled));
m_btn_use_system_trust->set_active(
m_preferences.security.use_system_trust);
m_btn_use_system_trust->signal_toggled().connect(
sigc::mem_fun(*this, &Security::on_use_system_trust_toggled));
const std::string& trust_file = preferences.security.trusted_cas;
if(!trust_file.empty())
m_btn_path_trust_file->set_filename(trust_file);
m_conn_path_trust_file.reset(new PathConnection(
*m_btn_path_trust_file, preferences.security.trusted_cas));
m_cmb_connection_policy->set_option(preferences.security.policy);
/* m_cmb_connection_policy->add(
_("Never use a secure connection"),
INF_XMPP_CONNECTION_SECURITY_ONLY_UNSECURED);*/
m_cmb_connection_policy->add(
_("Use TLS if possible"),
INF_XMPP_CONNECTION_SECURITY_BOTH_PREFER_TLS);
m_cmb_connection_policy->add(
_("Always use TLS"),
INF_XMPP_CONNECTION_SECURITY_ONLY_TLS);
if(preferences.security.authentication_enabled)
m_btn_auth_cert->set_active(true);
else
m_btn_auth_none->set_active(true);
connect_option(*m_btn_auth_cert,
preferences.security.authentication_enabled);
const std::string& key_file = preferences.security.key_file;
if(!key_file.empty())
m_btn_key_file->set_filename(key_file);
m_conn_path_key_file.reset(new PathConnection(
*m_btn_key_file, preferences.security.key_file));
m_btn_key_file_create->signal_clicked().connect(
sigc::mem_fun(*this, &Security::on_create_key_clicked));
const std::string& cert_file = preferences.security.certificate_file;
if(!cert_file.empty())
m_btn_cert_file->set_filename(cert_file);
m_conn_path_cert_file.reset(new PathConnection(
*m_btn_cert_file, preferences.security.certificate_file));
m_btn_cert_file_create->signal_clicked().connect(
sigc::mem_fun(*this, &Security::on_create_cert_clicked));
// Initial sensitivity and content
on_auth_cert_toggled();
on_credentials_changed();
}
