diff options
Diffstat (limited to 'embed/mozilla')
-rw-r--r-- | embed/mozilla/GtkNSSDialogs.cpp | 444 | ||||
-rw-r--r-- | embed/mozilla/GtkNSSDialogs.h | 31 | ||||
-rw-r--r-- | embed/mozilla/Makefile.am | 3 | ||||
-rw-r--r-- | embed/mozilla/MozRegisterComponents.cpp | 16 |
4 files changed, 494 insertions, 0 deletions
diff --git a/embed/mozilla/GtkNSSDialogs.cpp b/embed/mozilla/GtkNSSDialogs.cpp new file mode 100644 index 000000000..8b3613d2b --- /dev/null +++ b/embed/mozilla/GtkNSSDialogs.cpp @@ -0,0 +1,444 @@ +/* + * GtkNSSDialogs.cpp + * + * Copyright (C) 2003 Crispin Flowerday <gnome@flowerday.cx> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + */ + +/* + * This file provides Gtk implementations of the mozilla Certificate dialogs + * such as the ones displayed when connecting to a site with a self-signed + * or expired certificate. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#ifdef HAVE_MOZILLA_PSM + +#include "MozillaPrivate.h" + +#include "nsIX509Cert.h" +#include "nsICertificateDialogs.h" +#include "nsCOMPtr.h" +#include "nsIServiceManager.h" +#include "nsIInterfaceRequestor.h" +#include "nsIInterfaceRequestorUtils.h" +#include "nsIX509CertValidity.h" + +#include <gtk/gtkdialog.h> +#include <gtk/gtkstock.h> +#include <gtk/gtkcheckbutton.h> +#include <gtk/gtktogglebutton.h> +#include <gtk/gtkalignment.h> +#include <gtk/gtkbutton.h> +#include <gtk/gtkhbox.h> +#include <gtk/gtkvbox.h> +#include <gtk/gtkimage.h> +#include <gtk/gtklabel.h> +#include <gtk/gtkmessagedialog.h> +#include <gtk/gtkentry.h> +#include <gtk/gtkeditable.h> +#include <gtk/gtktable.h> + +#include <libgnome/gnome-i18n.h> + +#include "GtkNSSDialogs.h" + +#include <time.h> + +enum +{ + NSSDIALOG_RESPONSE_VIEW_CERT = 10 +}; + +GtkNSSDialogs::GtkNSSDialogs () +{ +} + +GtkNSSDialogs::~GtkNSSDialogs () +{ +} + +NS_IMPL_ISUPPORTS1 (GtkNSSDialogs, nsIBadCertListener) + +/** + * Call the mozilla service to display a certificate + */ +static void +view_certificate (nsIInterfaceRequestor *ctx, nsIX509Cert *cert) +{ + nsresult rv; + nsCOMPtr<nsICertificateDialogs> certDialogs = + do_GetService (NS_CERTIFICATEDIALOGS_CONTRACTID, &rv); + g_return_if_fail (NS_SUCCEEDED (rv)); + + certDialogs->ViewCert (ctx, cert); +} + +/** + * Display a dialog box, showing 'View Certificate', 'Cancel', + * and 'Accept' buttons. Optionally a checkbox can be shown, + * or the text can be NULL to avoid it being displayed + * + * @returns: GTK_RESPONSE_ACCEPT if the user clicked Accept + */ +static gint +display_cert_warning_box (nsIInterfaceRequestor *ctx, + nsIX509Cert *cert, + const char *markup_text, + const char *checkbox_text, + gboolean *checkbox_value, + const char *affirmative_text) +{ + GtkWidget *dialog, *hbox, *label, *image, *checkbox; + int res; + + nsCOMPtr<nsIDOMWindow> parent = do_GetInterface (ctx); + GtkWidget *gparent = MozillaFindGtkParent (parent); + + g_return_val_if_fail (GTK_IS_WINDOW (gparent), GTK_RESPONSE_CANCEL); + g_return_val_if_fail (markup_text, GTK_RESPONSE_CANCEL); + g_return_val_if_fail (!checkbox_text || checkbox_value, GTK_RESPONSE_CANCEL); + + dialog = gtk_dialog_new_with_buttons ("", + GTK_WINDOW (gparent), + GTK_DIALOG_NO_SEPARATOR, + NULL); + + gtk_window_set_resizable (GTK_WINDOW (dialog), FALSE); + gtk_container_set_border_width (GTK_CONTAINER (dialog), 6); + + /* Add the buttons */ + gtk_dialog_add_button (GTK_DIALOG (dialog), _("_View Certificate"), + NSSDIALOG_RESPONSE_VIEW_CERT); + + gtk_dialog_add_button (GTK_DIALOG (dialog), GTK_STOCK_CANCEL, + GTK_RESPONSE_CANCEL); + + if (affirmative_text == NULL) + { + affirmative_text = _("_Accept"); + } + + gtk_dialog_add_button (GTK_DIALOG (dialog), + affirmative_text, + GTK_RESPONSE_ACCEPT); + + /* Create the actual widgets that go in the display part of the dialog */ + hbox = gtk_hbox_new (FALSE, 12); + gtk_container_set_border_width (GTK_CONTAINER (hbox), 6); + gtk_container_add (GTK_CONTAINER (GTK_DIALOG (dialog)->vbox), hbox); + + image = gtk_image_new_from_stock (GTK_STOCK_DIALOG_WARNING, + GTK_ICON_SIZE_DIALOG); + gtk_misc_set_alignment (GTK_MISC (image), 0.5, 0.0); + gtk_box_pack_start (GTK_BOX (hbox), image, FALSE, FALSE, 0); + + label = gtk_label_new (NULL); + gtk_label_set_use_markup (GTK_LABEL (label), TRUE); + gtk_label_set_line_wrap (GTK_LABEL (label), TRUE); + gtk_misc_set_alignment (GTK_MISC (label), 0.0, 0.0); + + if (checkbox_text) + { + GtkWidget *vbox = gtk_vbox_new (FALSE, 12); + gtk_box_pack_start (GTK_BOX (hbox), vbox, TRUE, TRUE, 0); + gtk_box_pack_start (GTK_BOX (vbox), label, TRUE, TRUE, 0); + + checkbox = gtk_check_button_new_with_mnemonic (checkbox_text); + gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (checkbox), + *checkbox_value); + gtk_box_pack_start (GTK_BOX (vbox), checkbox, TRUE, TRUE, 0); + } + else + { + checkbox = 0; + gtk_box_pack_start (GTK_BOX (hbox), label, TRUE, TRUE, 0); + } + + gtk_label_set_markup (GTK_LABEL (label), markup_text); + gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_ACCEPT); + gtk_widget_show_all (dialog); + + while (1) + { + res = gtk_dialog_run (GTK_DIALOG (dialog)); + if (res == NSSDIALOG_RESPONSE_VIEW_CERT) + { + view_certificate (ctx, cert); + continue; + } + + break; + } + + if (res == GTK_RESPONSE_ACCEPT && checkbox) + { + *checkbox_value = gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (checkbox)); + } + + gtk_widget_destroy (dialog); + return res; +} + + +NS_IMETHODIMP +GtkNSSDialogs::ConfirmMismatchDomain (nsIInterfaceRequestor *ctx, + const nsACString &targetURL, + nsIX509Cert *cert, PRBool *_retval) +{ + nsAutoString commonName; + char *ttTargetUrl, *ttCommonName, *first, *second, *msg; + int res; + + cert->GetCommonName (commonName); + + ttTargetUrl = g_strdup_printf ("\"<tt>%s</tt>\"", + PromiseFlatCString(targetURL).get()); + + ttCommonName = g_strdup_printf ("\"<tt>%s</tt>\"", + NS_ConvertUCS2toUTF8(commonName).get()); + + first = g_strdup_printf (_("The site %s returned security information for " + "%s. It is possible that someone is intercepting " + "your communication to obtain your confidential " + "information."), + ttTargetUrl, ttCommonName); + + second = g_strdup_printf (_("You should only accept the security information if you " + "trust %s and %s."), + ttTargetUrl, ttCommonName); + + msg = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s\n\n%s", + _("Accept incorrect security information?"), + first, second); + + res = display_cert_warning_box (ctx, cert, msg, NULL, NULL, NULL); + + g_free (ttTargetUrl); + g_free (ttCommonName); + g_free (second); + g_free (first); + g_free (msg); + + *_retval = (res == GTK_RESPONSE_ACCEPT); + return NS_OK; +} + + +NS_IMETHODIMP +GtkNSSDialogs::ConfirmUnknownIssuer (nsIInterfaceRequestor *ctx, + nsIX509Cert *cert, PRInt16 *outAddType, + PRBool *_retval) +{ + gboolean accept_perm = FALSE; + nsAutoString commonName; + char *ttCommonName, *secondary, *tertiary, *msg; + int res; + + cert->GetCommonName (commonName); + + ttCommonName = g_strdup_printf ("\"<tt>%s</tt>\"", + NS_ConvertUCS2toUTF8(commonName).get()); + + secondary = g_strdup_printf + (_("Your browser was unable to trust %s. " + "It is possible that someone is intercepting your " + "communication to obtain your confidential information."), + ttCommonName); + + tertiary = g_strdup_printf + (_("You should only connect to the site if you are certain " + "you are connected to %s."), + ttCommonName); + + msg = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s\n\n%s", + _("Connect to untrusted site?"), + secondary, tertiary); + + res = display_cert_warning_box (ctx, cert, msg, + _("_Don't show this message again for this site"), + &accept_perm, _("Co_nnect")); + g_free (ttCommonName); + g_free (tertiary); + g_free (secondary); + g_free (msg); + + if (res != GTK_RESPONSE_ACCEPT) + { + *_retval = PR_FALSE; + *outAddType = UNINIT_ADD_FLAG; + } + else + { + if (accept_perm) + { + *_retval = PR_TRUE; + *outAddType = ADD_TRUSTED_PERMANENTLY; + } + else + { + *_retval = PR_TRUE; + *outAddType = ADD_TRUSTED_FOR_SESSION; + } + } + + return NS_OK; +} + + +/* boolean confirmCertExpired (in nsIInterfaceRequestor socketInfo, + in nsIX509Cert cert); */ +NS_IMETHODIMP +GtkNSSDialogs::ConfirmCertExpired (nsIInterfaceRequestor *ctx, + nsIX509Cert *cert, PRBool *_retval) +{ + nsresult rv; + PRTime now = PR_Now(); + PRTime notAfter, notBefore, timeToUse; + PRInt64 normalizedTime; + nsAutoString commonName; + time_t t; + struct tm tm; + char formattedDate[32]; + const char *primary, *text; + char *ttCommonName, *secondary, *msg; + + *_retval = PR_FALSE; + + nsCOMPtr<nsIX509CertValidity> validity; + rv = cert->GetValidity (getter_AddRefs(validity)); + if (NS_FAILED(rv)) return rv; + + rv = validity->GetNotAfter (¬After); + if (NS_FAILED(rv)) return rv; + + rv = validity->GetNotBefore (¬Before); + if (NS_FAILED(rv)) return rv; + + if (LL_CMP(now, >, notAfter)) { + primary = _("Accept expired security information?"); + text = _("The security information for %s " + "expired on %s."); + timeToUse = notAfter; + } else { + primary = _("Accept not yet valid security information?"); + text = _("The security information for %s isn't valid until %s."); + timeToUse = notBefore; + } + + cert->GetCommonName (commonName); + + LL_DIV (normalizedTime, timeToUse, PR_USEC_PER_SEC); + LL_L2UI (t, normalizedTime); + strftime (formattedDate, sizeof(formattedDate), _("%a %-d %b %Y"), + localtime_r (&t, &tm)); + + ttCommonName = g_strdup_printf ("\"<tt>%s</tt>\"", + NS_ConvertUCS2toUTF8(commonName).get()); + + secondary = g_strdup_printf (text, ttCommonName, formattedDate); + + msg = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s\n\n%s", + primary, secondary, + _("You should ensure that your computer's time is correct.")); + + int res = display_cert_warning_box (ctx, cert, msg, NULL, NULL, NULL); + + g_free (msg); + g_free (secondary); + g_free (ttCommonName); + + *_retval = (res == GTK_RESPONSE_ACCEPT); + + return NS_OK; +} + +/* void notifyCrlNextupdate (in nsIInterfaceRequestor socketInfo, + in AUTF8String targetURL, in nsIX509Cert cert); */ +NS_IMETHODIMP +GtkNSSDialogs::NotifyCrlNextupdate (nsIInterfaceRequestor *ctx, + const nsACString & targetURL, nsIX509Cert *cert) +{ + GtkWidget *dialog, *image, *hbox, *label; + char *ttCommonName, *ttTargetUrl, *primary, *secondary, *msg; + nsAutoString commonName; + + nsCOMPtr<nsIDOMWindow> parent = do_GetInterface (ctx); + GtkWidget *gparent = MozillaFindGtkParent (parent); + + dialog = gtk_dialog_new_with_buttons ("", + GTK_WINDOW (gparent), + GTK_DIALOG_NO_SEPARATOR, + GTK_STOCK_OK, + GTK_RESPONSE_OK, + NULL); + + gtk_window_set_resizable (GTK_WINDOW (dialog), FALSE); + gtk_dialog_set_default_response (GTK_DIALOG (dialog), GTK_RESPONSE_OK); + gtk_container_set_border_width (GTK_CONTAINER (dialog), 6); + + hbox = gtk_hbox_new (FALSE, 12); + gtk_container_set_border_width (GTK_CONTAINER (hbox), 6); + gtk_container_add (GTK_CONTAINER (GTK_DIALOG (dialog)->vbox), hbox); + + image = gtk_image_new_from_stock (GTK_STOCK_DIALOG_ERROR, + GTK_ICON_SIZE_DIALOG); + gtk_misc_set_alignment (GTK_MISC (image), 0.5, 0); + gtk_box_pack_start (GTK_BOX (hbox), image, FALSE, FALSE, 0); + + label = gtk_label_new (NULL); + gtk_label_set_use_markup (GTK_LABEL (label), TRUE); + gtk_label_set_line_wrap (GTK_LABEL (label), TRUE); + gtk_misc_set_alignment (GTK_MISC (image), 0.0, 0.0); + gtk_box_pack_start (GTK_BOX (hbox), label, TRUE, TRUE, 0); + + cert->GetCommonName (commonName); + + ttCommonName = g_strdup_printf ("\"<tt>%s</tt>\"", + NS_ConvertUCS2toUTF8(commonName).get()); + + ttTargetUrl = g_strdup_printf ("\"<tt>%s</tt>\"", + PromiseFlatCString(targetURL).get()); + + primary = g_strdup_printf (_("Cannot establish connection to %s"), + ttTargetUrl); + + secondary = g_strdup_printf (_("The certificate revocation list (CRL) from %s " + "needs to be updated."), + ttCommonName); + msg = g_strdup_printf ("<span weight=\"bold\" size=\"larger\">%s</span>\n\n%s\n\n%s", + primary, secondary, + _("Please ask your system administrator for assistance.")); + + gtk_label_set_markup (GTK_LABEL (label), msg); + + g_free (msg); + g_free (primary); + g_free (secondary); + g_free (ttCommonName); + g_free (ttTargetUrl); + + gtk_widget_show_all (dialog); + + gtk_dialog_run (GTK_DIALOG (dialog)); + gtk_widget_destroy (dialog); + return NS_OK; +} + +#endif diff --git a/embed/mozilla/GtkNSSDialogs.h b/embed/mozilla/GtkNSSDialogs.h new file mode 100644 index 000000000..7e7f41e40 --- /dev/null +++ b/embed/mozilla/GtkNSSDialogs.h @@ -0,0 +1,31 @@ +/* + * GtkNSSDialogs.h + * + * Copyright (C) 2003 Crispin Flowerday <gnome@flowerday.cx> + * Available under the terms of the GNU General Public License version 2. + */ + +#ifndef GTKNSSDIALOGS_H +#define GTKNSSDIALOGS_H 1 + +#include <nsError.h> +#include "nsIBadCertListener.h" + +// 7a50a10d-9425-4e12-84b1-5822edacd8ce +#define GTK_NSSDIALOGS_CID \ + {0x7a50a10d, 0x9425, 0x4e12, {0x84, 0xb1, 0x58, 0x22, 0xed, 0xac, 0xd8, 0xce}} + +#define GTK_NSSDIALOGS_CLASSNAME "Gtk NSS Dialogs" + +class GtkNSSDialogs : public nsIBadCertListener +{ +public: + NS_DECL_ISUPPORTS + NS_DECL_NSIBADCERTLISTENER + + GtkNSSDialogs(); + virtual ~GtkNSSDialogs(); +}; + + +#endif /* GTKNSSDIALOGS_H */ diff --git a/embed/mozilla/Makefile.am b/embed/mozilla/Makefile.am index a27b3e54a..b07ffedef 100644 --- a/embed/mozilla/Makefile.am +++ b/embed/mozilla/Makefile.am @@ -21,6 +21,7 @@ INCLUDES = \ -I$(MOZILLA_INCLUDE_ROOT)/mimetype \ -I$(MOZILLA_INCLUDE_ROOT)/necko \ -I$(MOZILLA_INCLUDE_ROOT)/nkcache \ + -I$(MOZILLA_INCLUDE_ROOT)/pipnss \ -I$(MOZILLA_INCLUDE_ROOT)/pref \ -I$(MOZILLA_INCLUDE_ROOT)/progressDlg \ -I$(MOZILLA_INCLUDE_ROOT)/shistory \ @@ -67,6 +68,8 @@ libephymozillaembed_la_SOURCES = \ FilePicker.h \ GlobalHistory.cpp \ GlobalHistory.h \ + GtkNSSDialogs.cpp \ + GtkNSSDialogs.h \ MozillaPrivate.cpp \ MozillaPrivate.h \ MozRegisterComponents.cpp \ diff --git a/embed/mozilla/MozRegisterComponents.cpp b/embed/mozilla/MozRegisterComponents.cpp index d6e79f697..29079aff2 100644 --- a/embed/mozilla/MozRegisterComponents.cpp +++ b/embed/mozilla/MozRegisterComponents.cpp @@ -29,6 +29,10 @@ #include "ExternalProtocolService.h" #include "EphyAboutRedirector.h" +#ifdef HAVE_MOZILLA_PSM +#include "GtkNSSDialogs.h" +#endif + #include <nsIGenericFactory.h> #include <nsIComponentRegistrar.h> #include <nsCOMPtr.h> @@ -47,6 +51,10 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(GFtpProtocolHandler) NS_GENERIC_FACTORY_CONSTRUCTOR(GNewsProtocolHandler) NS_GENERIC_FACTORY_CONSTRUCTOR(GExternalProtocolService) +#ifdef HAVE_MOZILLA_PSM +NS_GENERIC_FACTORY_CONSTRUCTOR(GtkNSSDialogs) +#endif + static const nsModuleComponentInfo sAppComps[] = { { G_EXTERNALPROTOCOLSERVICE_CLASSNAME, @@ -72,6 +80,14 @@ static const nsModuleComponentInfo sAppComps[] = { G_FILEPICKER_CONTRACTID, GFilePickerConstructor }, +#ifdef HAVE_MOZILLA_PSM + { + GTK_NSSDIALOGS_CLASSNAME, + GTK_NSSDIALOGS_CID, + NS_BADCERTLISTENER_CONTRACTID, + GtkNSSDialogsConstructor + }, +#endif { NS_IHELPERAPPLAUNCHERDLG_CLASSNAME, G_CONTENTHANDLER_CID, |