From 135e1d6968e7205611aea943496f1fd3f5ba04fc Mon Sep 17 00:00:00 2001 
From: Chris Toshok Date: Mon, 5 Jan 2004 20:49:44 +0000 Subject: new function, implement the password dialog for PK11 slot authentication. 2004-01-05 Chris Toshok * gui/component.c (smime_pk11_passwd): new function, implement the password dialog for PK11 slot authentication. (smime_component_init): new function, initialize any gui related signals that the backend exposes. * gui/certificate-manager.c (import_your): use e_cert_db_import_pkcs12_file. (delete_your): new function, implement. (view_your): same. (backup_your): new function, stub out. (backup_all_your): same. (create_yourcerts_treemodel): new function. (initialize_yourcerts_ui): do all the sorting foo, and hook up all the signals. (ainitialize_contactcerts_ui): same. (initialize_authoritycerts_ui): same. (view_contact): treemodel -> streemodel. (view_ca): same. (delete_contact): same, and convert from the sort iter to the child iter before we remove. (delete_ca): same. (import_contact): call gtk_tree_view_expand_all. (import_ca): same. (add_user_cert): append to the child model, not the sort model. (add_contact_cert): same. (add_ca_cert): same. (unload_certs): implement the E_CERT_USER case, and fix the USER/CA stuff to use the sorted treemodels. (load_certs): remove spew. (populate_ui): expand all the tree views. * lib/.cvsignore: ignore the generated marshalling files. * lib/Makefile.am: add the marshalling foo. * lib/smime-marshal.list (BOOL): new file. * lib/e-cert-db.c (pk11_password): new function, emit the pk11_passwd signal. (initialize_nss): new function, split out all the nss init code here, and add all the PKCS12 cipers. (install_loadable_roots): new function, split this code out from the class_init. (e_cert_db_class_init): call initialize_nss() and install_loadable_roots(). also register our pk11_passwd signal. (e_cert_db_import_pkcs12_file): implement. (e_cert_db_login_to_slot): new function, implement. 
* lib/e-cert-db.h (struct _ECertDBClass): add pk11_passwd signal, and add prototype for e_cert_db_login_to_slot. * lib/e-pkcs12.c (input_to_decoder): remove spew. (prompt_for_password): fix this. (import_from_file_helper): fix fix fix, and remove spew. (write_export_file): nuke, we don't need this. svn path=/trunk/; revision=24058 --- smime/ChangeLog | 58 +++++++ smime/gui/Makefile.am | 5 +- smime/gui/certificate-manager.c | 374 ++++++++++++++++++++++++++-------------- smime/gui/component.c | 61 +++++++ smime/gui/component.h | 28 +++ smime/lib/.cvsignore | 1 + smime/lib/Makefile.am | 7 + smime/lib/e-cert-db.c | 145 +++++++++++++--- smime/lib/e-cert-db.h | 5 + smime/lib/e-pkcs12.c | 136 ++++++--------- smime/lib/smime-marshal.list | 1 + 11 files changed, 581 insertions(+), 240 deletions(-) create mode 100644 smime/gui/component.c create mode 100644 smime/gui/component.h create mode 100644 smime/lib/smime-marshal.list diff --git a/smime/ChangeLog b/smime/ChangeLog index 9a83b21eab..bd723cd432 100644 --- a/smime/ChangeLog +++ b/smime/ChangeLog 
@@ -1,3 +1,61 @@ +2004-01-05 Chris Toshok + + * gui/component.c (smime_pk11_passwd): new function, implement the + password dialog for PK11 slot authentication. + (smime_component_init): new function, initialize any gui related + signals that the backend exposes. + + * gui/certificate-manager.c (import_your): use + e_cert_db_import_pkcs12_file. + (delete_your): new function, implement. + (view_your): same. + (backup_your): new function, stub out. + (backup_all_your): same. + (create_yourcerts_treemodel): new function. + (initialize_yourcerts_ui): do all the sorting foo, and hook up all + the signals. + (ainitialize_contactcerts_ui): same. + (initialize_authoritycerts_ui): same. + (view_contact): treemodel -> streemodel. + (view_ca): same. + (delete_contact): same, and convert from the sort iter to the + child iter before we remove. + (delete_ca): same. + (import_contact): call gtk_tree_view_expand_all. + (import_ca): same. + (add_user_cert): append to the child model, not the sort model. + (add_contact_cert): same. + (add_ca_cert): same. + (unload_certs): implement the E_CERT_USER case, and fix the + USER/CA stuff to use the sorted treemodels. + (load_certs): remove spew. + (populate_ui): expand all the tree views. + + * lib/.cvsignore: ignore the generated marshalling files. + + * lib/Makefile.am: add the marshalling foo. + + * lib/smime-marshal.list (BOOL): new file. + + * lib/e-cert-db.c (pk11_password): new function, emit the + pk11_passwd signal. + (initialize_nss): new function, split out all the nss init code + here, and add all the PKCS12 cipers. + (install_loadable_roots): new function, split this code out from + the class_init. + (e_cert_db_class_init): call initialize_nss() and + install_loadable_roots(). also register our pk11_passwd signal. + (e_cert_db_import_pkcs12_file): implement. + (e_cert_db_login_to_slot): new function, implement. 
+ + * lib/e-cert-db.h (struct _ECertDBClass): add pk11_passwd signal, + and add prototype for e_cert_db_login_to_slot. + + * lib/e-pkcs12.c (input_to_decoder): remove spew. + (prompt_for_password): fix this. + (import_from_file_helper): fix fix fix, and remove spew. + (write_export_file): nuke, we don't need this. + 2004-01-04 Chris Toshok * gui/certificate-viewer.c (fill_in_general): use markup diff --git a/smime/gui/Makefile.am b/smime/gui/Makefile.am index a15fdade86..614c2d5525 100644 --- a/smime/gui/Makefile.am +++ b/smime/gui/Makefile.am @@ -22,7 +22,10 @@ libevolution_smime_la_SOURCES = \ certificate-viewer.c \ certificate-viewer.h \ e-cert-selector.c \ - e-cert-selector.h + e-cert-selector.h \ + component.c \ + component.h + libevolution_smime_la_LIBADD = \ $(top_builddir)/smime/lib/libessmime.la \ diff --git a/smime/gui/certificate-manager.c b/smime/gui/certificate-manager.c index d2ae5e4fea..3d2c1a31bf 100644 --- a/smime/gui/certificate-manager.c +++ b/smime/gui/certificate-manager.c @@ -33,7 +33,6 @@ #include "e-cert.h" #include "e-cert-db.h" -#include "e-pkcs12.h" #include "nss.h" #include @@ -47,6 +46,7 @@ typedef struct { GtkWidget *yourcerts_treeview; GtkTreeStore *yourcerts_treemodel; + GtkTreeModel *yourcerts_streemodel; GHashTable *yourcerts_root_hash; GtkWidget *view_your_button; GtkWidget *backup_your_button; @@ -55,7 +55,7 @@ typedef struct { GtkWidget *delete_your_button; GtkWidget *contactcerts_treeview; - GtkTreeStore *contactcerts_treemodel; + GtkTreeModel *contactcerts_streemodel; GHashTable *contactcerts_root_hash; GtkWidget *view_contact_button; GtkWidget *edit_contact_button; @@ -63,7 +63,7 @@ typedef struct { GtkWidget *delete_contact_button; GtkWidget *authoritycerts_treeview; - GtkTreeStore *authoritycerts_treemodel; + GtkTreeModel *authoritycerts_streemodel; GHashTable *authoritycerts_root_hash; GtkWidget *view_ca_button; GtkWidget *edit_ca_button; 
@@ -123,19 +123,85 @@ import_your (GtkWidget *widget, CertificateManagerData *cfm) if (GTK_RESPONSE_OK == gtk_dialog_run (GTK_DIALOG (filesel))) { const char *filename = gtk_file_selection_get_filename (GTK_FILE_SELECTION (filesel)); - EPKCS12 *pkcs12 = e_pkcs12_new (); - - if (e_pkcs12_import_from_file (pkcs12, filename, NULL /* XXX */)) { + if (e_cert_db_import_pkcs12_file (e_cert_db_peek (), + filename, NULL /* XXX */)) { /* there's no telling how many certificates were added during the import, so we blow away the contact cert display and regenerate it. */ unload_certs (cfm, E_CERT_USER); load_certs (cfm, E_CERT_USER, add_user_cert); + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->yourcerts_treeview)); } } gtk_widget_destroy (filesel); } +static void +delete_your (GtkWidget *widget, CertificateManagerData *cfm) +{ + GtkTreeIter iter; + + if (gtk_tree_selection_get_selected (gtk_tree_view_get_selection (GTK_TREE_VIEW(cfm->yourcerts_treeview)), + NULL, + &iter)) { + ECert *cert; + + gtk_tree_model_get (GTK_TREE_MODEL (cfm->yourcerts_streemodel), + &iter, + 4, &cert, + -1); + + if (cert) { + GtkTreeIter child_iter; + printf ("DELETE\n"); + e_cert_db_delete_cert (e_cert_db_peek (), cert); + gtk_tree_model_sort_convert_iter_to_child_iter (GTK_TREE_MODEL_SORT (cfm->yourcerts_streemodel), + &child_iter, + &iter); + gtk_tree_store_remove (GTK_TREE_STORE (gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->yourcerts_streemodel))), + &child_iter); + + /* we need two unrefs here, one to unref the + gtk_tree_model_get above, and one to unref + the initial ref when we created the cert + and added it to the tree */ + g_object_unref (cert); + g_object_unref (cert); + } + } + +} + +static void +view_your (GtkWidget *widget, CertificateManagerData *cfm) +{ + GtkTreeIter iter; + + if (gtk_tree_selection_get_selected (gtk_tree_view_get_selection (GTK_TREE_VIEW(cfm->yourcerts_treeview)), + NULL, + &iter)) { + ECert *cert; + + gtk_tree_model_get (GTK_TREE_MODEL 
(cfm->yourcerts_streemodel), + &iter, + 4, &cert, + -1); + + if (cert) + certificate_viewer_show (cert); + } +} + +static void +backup_your (GtkWidget *widget, CertificateManagerData *cfm) +{ +} + +static void +backup_all_your (GtkWidget *widget, CertificateManagerData *cfm) +{ +} + static void yourcerts_selection_changed (GtkTreeSelection *selection, CertificateManagerData *cfm) { 
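Review bot: In `delete_your` the row is removed from the store and both references to the certificate are dropped whether or not `e_cert_db_delete_cert` succeeded, so a failed deletion leaves a user certificate in the database that the manager no longer lists. If that function reports success (its declaration is not in this diff), the removal should be guarded by it, e.g. `if (e_cert_db_delete_cert (e_cert_db_peek (), cert)) {` around the iter conversion, the `gtk_tree_store_remove` call and the second unref. The same pattern is in the `delete_contact` and `delete_ca` hunks further down. `import_your` still passes `NULL` for the `GError` (marked XXX), so a failed PKCS#12 import gives the user no message.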
@@ -146,70 +212,77 @@ yourcerts_selection_changed (GtkTreeSelection *selection, CertificateManagerData cfm->delete_your_button); } +static GtkTreeModel* +create_yourcerts_treemodel (void) +{ + return GTK_TREE_MODEL (gtk_tree_store_new (5, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_OBJECT)); +} + static void initialize_yourcerts_ui (CertificateManagerData *cfm) { GtkCellRenderer *cell = gtk_cell_renderer_text_new (); GtkTreeSelection *selection; + GtkTreeViewColumn *column; + column = gtk_tree_view_column_new_with_attributes (_("Certificate Name"), + cell, + "text", 0, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->yourcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Certificate Name"), - cell, - "text", 0, - NULL)); + column); + gtk_tree_view_column_set_sort_column_id (column, 0); + column = gtk_tree_view_column_new_with_attributes (_("Purposes"), + cell, + "text", 1, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->yourcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Purposes"), - cell, - "text", 1, - NULL)); + column); + gtk_tree_view_column_set_sort_column_id (column, 1); + column = gtk_tree_view_column_new_with_attributes (_("Serial Number"), + cell, + "text", 2, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->yourcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Serial Number"), - cell, - "text", 2, - NULL)); + column); + gtk_tree_view_column_set_sort_column_id (column, 2); + column = gtk_tree_view_column_new_with_attributes (_("Expires"), + cell, + "text", 3, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->yourcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Expires"), - cell, - "text", 3, - NULL)); - - cfm->yourcerts_treemodel = gtk_tree_store_new (5, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_OBJECT); + column); + gtk_tree_view_column_set_sort_column_id (column, 3); - gtk_tree_view_set_model 
(GTK_TREE_VIEW (cfm->yourcerts_treeview), - GTK_TREE_MODEL (cfm->yourcerts_treemodel)); - - cfm->yourcerts_root_hash = g_hash_table_new (g_str_hash, g_str_equal); + gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (cfm->yourcerts_streemodel), + 0, + GTK_SORT_ASCENDING); selection = gtk_tree_view_get_selection (GTK_TREE_VIEW (cfm->yourcerts_treeview)); g_signal_connect (selection, "changed", G_CALLBACK (yourcerts_selection_changed), cfm); - if (cfm->import_your_button) { + if (cfm->import_your_button) g_signal_connect (cfm->import_your_button, "clicked", G_CALLBACK (import_your), cfm); - } - if (cfm->delete_your_button) { - /* g_signal_connect */ - } + if (cfm->delete_your_button) + g_signal_connect (cfm->delete_your_button, "clicked", G_CALLBACK (delete_your), cfm); - if (cfm->view_your_button) { - /* g_signal_connect */ - } + if (cfm->view_your_button) + g_signal_connect (cfm->view_your_button, "clicked", G_CALLBACK (view_your), cfm); - if (cfm->backup_your_button) { - /* g_signal_connect */ - } + if (cfm->backup_your_button) + g_signal_connect (cfm->backup_your_button, "clicked", G_CALLBACK (backup_your), cfm); - if (cfm->backup_all_your_button) { - /* g_signal_connect */ - } + if (cfm->backup_all_your_button) + g_signal_connect (cfm->backup_all_your_button, "clicked", G_CALLBACK (backup_all_your), cfm); } static void @@ -222,7 +295,7 @@ view_contact (GtkWidget *widget, CertificateManagerData *cfm) &iter)) { ECert *cert; - gtk_tree_model_get (GTK_TREE_MODEL (cfm->contactcerts_treemodel), + gtk_tree_model_get (GTK_TREE_MODEL (cfm->contactcerts_streemodel), &iter, 3, &cert, -1); @@ -249,6 +322,7 @@ import_contact (GtkWidget *widget, CertificateManagerData *cfm) so we blow away the contact cert display and regenerate it. */ unload_certs (cfm, E_CERT_CONTACT); load_certs (cfm, E_CERT_CONTACT, add_contact_cert); + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->contactcerts_treeview)); } } 
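Review bot: `initialize_yourcerts_ui` now calls `gtk_tree_sortable_set_sort_column_id` on `cfm->yourcerts_streemodel`, but in the visible hunks that field is only assigned in `unload_certs`. If the initializer runs before `populate_ui` (the caller is outside this diff), the call is made on NULL and does nothing except log a GLib critical. `unload_certs` already sets the same sort column when it creates the model, so the call here looks removable. The `yourcerts_treemodel` member also stays in the struct with no remaining assignment in the new code, so it should be removed or marked unused with a comment.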
@@ -265,16 +339,20 @@ delete_contact (GtkWidget *widget, CertificateManagerData *cfm) &iter)) { ECert *cert; - gtk_tree_model_get (GTK_TREE_MODEL (cfm->contactcerts_treemodel), + gtk_tree_model_get (GTK_TREE_MODEL (cfm->contactcerts_streemodel), &iter, 3, &cert, -1); if (cert) { + GtkTreeIter child_iter; printf ("DELETE\n"); e_cert_db_delete_cert (e_cert_db_peek (), cert); - gtk_tree_store_remove (cfm->contactcerts_treemodel, - &iter); + gtk_tree_model_sort_convert_iter_to_child_iter (GTK_TREE_MODEL_SORT (cfm->contactcerts_streemodel), + &child_iter, + &iter); + gtk_tree_store_remove (GTK_TREE_STORE (gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->contactcerts_streemodel))), + &child_iter); /* we need two unrefs here, one to unref the gtk_tree_model_get above, and one to unref @@ -297,14 +375,14 @@ contactcerts_selection_changed (GtkTreeSelection *selection, CertificateManagerD cfm->delete_contact_button); } -static GtkTreeStore* +static GtkTreeModel* create_contactcerts_treemodel (void) { - return gtk_tree_store_new (4, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_STRING, - G_TYPE_OBJECT); + return GTK_TREE_MODEL (gtk_tree_store_new (4, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_STRING, + G_TYPE_OBJECT)); } static void 
@@ -312,27 +390,31 @@ initialize_contactcerts_ui (CertificateManagerData *cfm) { GtkCellRenderer *cell = gtk_cell_renderer_text_new (); GtkTreeSelection *selection; + GtkTreeViewColumn *column; + column = gtk_tree_view_column_new_with_attributes (_("Certificate Name"), + cell, + "text", 0, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->contactcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Certificate Name"), - cell, - "text", 0, - NULL)); + column); + gtk_tree_view_column_set_sort_column_id (column, 0); + column = gtk_tree_view_column_new_with_attributes (_("E-Mail Address"), + cell, + "text", 1, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->contactcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("E-Mail Address"), - cell, - "text", 1, - NULL)); + column); + gtk_tree_view_column_set_sort_column_id (column, 1); + column = gtk_tree_view_column_new_with_attributes (_("Purposes"), + cell, + "text", 2, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->contactcerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Purposes"), - cell, - "text", 2, - NULL)); - - gtk_tree_view_set_model (GTK_TREE_VIEW (cfm->contactcerts_treeview), - GTK_TREE_MODEL (cfm->contactcerts_treemodel)); + column); + gtk_tree_view_column_set_sort_column_id (column, 2); cfm->contactcerts_root_hash = g_hash_table_new (g_str_hash, g_str_equal); @@ -350,25 +432,6 @@ initialize_contactcerts_ui (CertificateManagerData *cfm) } -static gint -iter_string_compare (GtkTreeModel *model, - GtkTreeIter *a, - GtkTreeIter *b, - gpointer user_data) -{ - char *string1, *string2; - - gtk_tree_model_get (model, a, - 0, &string1, - -1); - - gtk_tree_model_get (model, b, - 0, &string2, - -1); - - return g_utf8_collate (string1, string2); -} - static void view_ca (GtkWidget *widget, CertificateManagerData *cfm) { 
@@ -379,7 +442,7 @@ view_ca (GtkWidget *widget, CertificateManagerData *cfm) &iter)) { ECert *cert; - gtk_tree_model_get (GTK_TREE_MODEL (cfm->authoritycerts_treemodel), + gtk_tree_model_get (GTK_TREE_MODEL (cfm->authoritycerts_streemodel), &iter, 1, &cert, -1); @@ -406,6 +469,7 @@ import_ca (GtkWidget *widget, CertificateManagerData *cfm) so we blow away the CA cert display and regenerate it. */ unload_certs (cfm, E_CERT_CA); load_certs (cfm, E_CERT_CA, add_ca_cert); + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->authoritycerts_treeview)); } } @@ -422,16 +486,20 @@ delete_ca (GtkWidget *widget, CertificateManagerData *cfm) &iter)) { ECert *cert; - gtk_tree_model_get (GTK_TREE_MODEL (cfm->authoritycerts_treemodel), + gtk_tree_model_get (GTK_TREE_MODEL (cfm->authoritycerts_streemodel), &iter, 1, &cert, -1); if (cert) { + GtkTreeIter child_iter; printf ("DELETE\n"); e_cert_db_delete_cert (e_cert_db_peek (), cert); - gtk_tree_store_remove (cfm->authoritycerts_treemodel, - &iter); + gtk_tree_model_sort_convert_iter_to_child_iter (GTK_TREE_MODEL_SORT (cfm->authoritycerts_streemodel), + &child_iter, + &iter); + gtk_tree_store_remove (GTK_TREE_STORE (gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->authoritycerts_streemodel))), + &child_iter); /* we need two unrefs here, one to unref the gtk_tree_model_get above, and one to unref @@ -454,12 +522,12 @@ authoritycerts_selection_changed (GtkTreeSelection *selection, CertificateManage cfm->delete_ca_button); } -static GtkTreeStore* +static GtkTreeModel* create_authoritycerts_treemodel (void) { - return gtk_tree_store_new (2, - G_TYPE_STRING, - G_TYPE_OBJECT); + return GTK_TREE_MODEL (gtk_tree_store_new (2, + G_TYPE_STRING, + G_TYPE_OBJECT)); } 
@@ -468,20 +536,15 @@ initialize_authoritycerts_ui (CertificateManagerData *cfm) { GtkCellRenderer *cell = gtk_cell_renderer_text_new (); GtkTreeSelection *selection; + GtkTreeViewColumn *column; + column = gtk_tree_view_column_new_with_attributes (_("Certificate Name"), + cell, + "text", 0, + NULL); gtk_tree_view_append_column (GTK_TREE_VIEW (cfm->authoritycerts_treeview), - gtk_tree_view_column_new_with_attributes (_("Certificate Name"), - cell, - "text", 0, - NULL)); - - gtk_tree_sortable_set_sort_func (GTK_TREE_SORTABLE (cfm->authoritycerts_treemodel), - 0, - iter_string_compare, NULL, NULL); - - gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (cfm->authoritycerts_treemodel), - 0, - GTK_SORT_ASCENDING); + column); + gtk_tree_view_column_set_sort_column_id (column, 0); selection = gtk_tree_view_get_selection (GTK_TREE_VIEW (cfm->authoritycerts_treeview)); g_signal_connect (selection, "changed", G_CALLBACK (authoritycerts_selection_changed), cfm); @@ -502,14 +565,15 @@ add_user_cert (CertificateManagerData *cfm, ECert *cert) GtkTreeIter iter; GtkTreeIter *parent_iter = NULL; const char *organization = e_cert_get_org (cert); + GtkTreeModel *model = gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->yourcerts_streemodel)); if (organization) { parent_iter = g_hash_table_lookup (cfm->yourcerts_root_hash, organization); if (!parent_iter) { /* create a new toplevel node */ - gtk_tree_store_append (GTK_TREE_STORE (cfm->yourcerts_treemodel), &iter, NULL); + gtk_tree_store_append (GTK_TREE_STORE (model), &iter, NULL); - gtk_tree_store_set (GTK_TREE_STORE (cfm->yourcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, organization, -1); /* now copy it off into parent_iter and insert it into 
@@ -519,15 +583,15 @@ add_user_cert (CertificateManagerData *cfm, ECert *cert) } } - gtk_tree_store_append (GTK_TREE_STORE (cfm->yourcerts_treemodel), &iter, parent_iter); + gtk_tree_store_append (GTK_TREE_STORE (model), &iter, parent_iter); if (e_cert_get_cn (cert)) - gtk_tree_store_set (GTK_TREE_STORE (cfm->yourcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_cn (cert), 4, cert, -1); else - gtk_tree_store_set (GTK_TREE_STORE (cfm->yourcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_nickname (cert), 4, cert, -1); @@ -539,14 +603,15 @@ add_contact_cert (CertificateManagerData *cfm, ECert *cert) GtkTreeIter iter; GtkTreeIter *parent_iter = NULL; const char *organization = e_cert_get_org (cert); + GtkTreeModel *model = gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->contactcerts_streemodel)); if (organization) { parent_iter = g_hash_table_lookup (cfm->contactcerts_root_hash, organization); if (!parent_iter) { /* create a new toplevel node */ - gtk_tree_store_append (GTK_TREE_STORE (cfm->contactcerts_treemodel), &iter, NULL); + gtk_tree_store_append (GTK_TREE_STORE (model), &iter, NULL); - gtk_tree_store_set (GTK_TREE_STORE (cfm->contactcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, organization, -1); /* now copy it off into parent_iter and insert it into 
@@ -556,16 +621,16 @@ add_contact_cert (CertificateManagerData *cfm, ECert *cert) } } - gtk_tree_store_append (GTK_TREE_STORE (cfm->contactcerts_treemodel), &iter, parent_iter); + gtk_tree_store_append (GTK_TREE_STORE (model), &iter, parent_iter); if (e_cert_get_cn (cert)) - gtk_tree_store_set (GTK_TREE_STORE (cfm->contactcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_cn (cert), 1, e_cert_get_email (cert), 3, cert, -1); else - gtk_tree_store_set (GTK_TREE_STORE (cfm->contactcerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_nickname (cert), 1, e_cert_get_email (cert), 3, cert, @@ -578,14 +643,16 @@ add_ca_cert (CertificateManagerData *cfm, ECert *cert) GtkTreeIter iter; GtkTreeIter *parent_iter = NULL; const char *organization = e_cert_get_org (cert); + GtkTreeModel *model = gtk_tree_model_sort_get_model (GTK_TREE_MODEL_SORT (cfm->authoritycerts_streemodel)); if (organization) { parent_iter = g_hash_table_lookup (cfm->authoritycerts_root_hash, organization); if (!parent_iter) { /* create a new toplevel node */ - gtk_tree_store_append (GTK_TREE_STORE (cfm->authoritycerts_treemodel), &iter, NULL); + gtk_tree_store_append (GTK_TREE_STORE (model), + &iter, NULL); - gtk_tree_store_set (GTK_TREE_STORE (cfm->authoritycerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, organization, -1); /* now copy it off into parent_iter and insert it into 
@@ -596,15 +663,15 @@ add_ca_cert (CertificateManagerData *cfm, ECert *cert) } - gtk_tree_store_append (GTK_TREE_STORE (cfm->authoritycerts_treemodel), &iter, parent_iter); + gtk_tree_store_append (GTK_TREE_STORE (model), &iter, parent_iter); if (e_cert_get_cn (cert)) - gtk_tree_store_set (GTK_TREE_STORE (cfm->authoritycerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_cn (cert), 1, cert, -1); else - gtk_tree_store_set (GTK_TREE_STORE (cfm->authoritycerts_treemodel), &iter, + gtk_tree_store_set (GTK_TREE_STORE (model), &iter, 0, e_cert_get_nickname (cert), 1, cert, -1); @@ -626,13 +693,42 @@ static void unload_certs (CertificateManagerData *cfm, ECertType type) { + GtkTreeModel *treemodel; + switch (type) { case E_CERT_USER: + treemodel = create_yourcerts_treemodel (); + + cfm->yourcerts_streemodel = gtk_tree_model_sort_new_with_model (GTK_TREE_MODEL (treemodel)); + + g_object_unref (treemodel); + + gtk_tree_view_set_model (GTK_TREE_VIEW (cfm->yourcerts_treeview), + cfm->yourcerts_streemodel); + + gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (cfm->yourcerts_streemodel), + 0, + GTK_SORT_ASCENDING); + + if (cfm->yourcerts_root_hash) + g_hash_table_destroy (cfm->yourcerts_root_hash); + + cfm->yourcerts_root_hash = g_hash_table_new_full (g_str_hash, g_str_equal, + destroy_key, destroy_value); break; case E_CERT_CONTACT: - cfm->contactcerts_treemodel = create_contactcerts_treemodel (); + treemodel = create_contactcerts_treemodel (); + + cfm->contactcerts_streemodel = gtk_tree_model_sort_new_with_model (GTK_TREE_MODEL (treemodel)); + + g_object_unref (treemodel); + gtk_tree_view_set_model (GTK_TREE_VIEW (cfm->contactcerts_treeview), - GTK_TREE_MODEL (cfm->contactcerts_treemodel)); + cfm->contactcerts_streemodel); + + gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (cfm->contactcerts_streemodel), + 0, + GTK_SORT_ASCENDING); if (cfm->contactcerts_root_hash) g_hash_table_destroy (cfm->contactcerts_root_hash); 
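Review bot: Each case in `unload_certs` overwrites the `cfm->..._streemodel` field with a new sort model without releasing the previous one, so every import (which calls `unload_certs` and then `load_certs`) leaves the old sort model and its underlying store alive. Releasing the old model before the assignment would fix it, e.g. `if (cfm->yourcerts_streemodel) g_object_unref (cfm->yourcerts_streemodel);` ahead of `gtk_tree_model_sort_new_with_model`, and likewise for the contact case here and the authority case in the next hunk. This assumes `cfm` is zero-initialised when it is allocated, which is not visible in the diff.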
@@ -643,9 +739,18 @@ unload_certs (CertificateManagerData *cfm, case E_CERT_SITE: break; case E_CERT_CA: - cfm->authoritycerts_treemodel = create_authoritycerts_treemodel (); + treemodel = create_authoritycerts_treemodel (); + + cfm->authoritycerts_streemodel = gtk_tree_model_sort_new_with_model (GTK_TREE_MODEL (treemodel)); + + g_object_unref (treemodel); + gtk_tree_view_set_model (GTK_TREE_VIEW (cfm->authoritycerts_treeview), - GTK_TREE_MODEL (cfm->authoritycerts_treemodel)); + cfm->authoritycerts_streemodel); + + gtk_tree_sortable_set_sort_column_id (GTK_TREE_SORTABLE (cfm->authoritycerts_streemodel), + 0, + GTK_SORT_ASCENDING); if (cfm->authoritycerts_root_hash) g_hash_table_destroy (cfm->authoritycerts_root_hash); @@ -671,18 +776,14 @@ load_certs (CertificateManagerData *cfm, certList = PK11_ListCerts (PK11CertListUnique, NULL); - printf ("certList = %p\n", certList); - for (node = CERT_LIST_HEAD(certList); !CERT_LIST_END(node, certList); node = CERT_LIST_NEXT(node)) { ECert *cert = e_cert_new ((CERTCertificate*)node->cert); if (e_cert_get_cert_type(cert) == type) { - printf ("cert (nickname = '%s') matches\n", e_cert_get_nickname (cert)); add_cert (cfm, cert); } } - } static void @@ -696,6 +797,11 @@ populate_ui (CertificateManagerData *cfm) unload_certs (cfm, E_CERT_CA); load_certs (cfm, E_CERT_CA, add_ca_cert); + + /* expand all three trees */ + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->yourcerts_treeview)); + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->contactcerts_treeview)); + gtk_tree_view_expand_all (GTK_TREE_VIEW (cfm->authoritycerts_treeview)); } EvolutionConfigControl* diff --git a/smime/gui/component.c b/smime/gui/component.c new file mode 100644 index 0000000000..7c9658b9d1 --- /dev/null +++ b/smime/gui/component.c 
@@ -0,0 +1,61 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*
+ * Authors: Chris Toshok
+ *
+ * Copyright (C) 2004 Novell, Inc. (www.novell.com)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+#include
+#include "e-cert-db.h"
+#include "e-util/e-passwords.h"
+#include "pk11func.h"
+
+static gboolean
+smime_pk11_passwd (ECertDB *db, PK11SlotInfo* slot, gboolean retry, char **passwd, gpointer arg)
+{
+ char *prompt;
+ char *slot_name = g_strdup (PK11_GetSlotName (slot));
+
+ g_strchomp (slot_name);
+
+ prompt = g_strdup_printf (_("Enter the password for `%s'"), slot_name);
+ g_free (slot_name);
+
+ *passwd = e_passwords_ask_password (_("Enter password"), NULL, NULL,
+ prompt, TRUE,
+ E_PASSWORDS_DO_NOT_REMEMBER, NULL,
+ NULL);
+
+ g_free (prompt);
+
+ /* this should return FALSE if they canceled. */
+ return TRUE;
+}
+
+void
+smime_component_init (void)
+{
+ static gboolean init_done = FALSE;
+ if (init_done)
+ return;
+
+ init_done = TRUE;
+ g_signal_connect (e_cert_db_peek (),
+ "pk11_passwd",
+ G_CALLBACK (smime_pk11_passwd), NULL);
+}
diff --git a/smime/gui/component.h b/smime/gui/component.h
new file mode 100644
index 0000000000..dbcd97bd2a
--- /dev/null
+++ b/smime/gui/component.h
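Review bot: `smime_pk11_passwd` always returns `TRUE`, so a cancelled dialog cannot be told apart from an entered password; the function's own comment says it should return FALSE on cancel. If `e_passwords_ask_password` yields NULL when the user cancels (its contract is outside this diff), `return *passwd != NULL;` would make the result meaningful. As written, a NULL `*passwd` flows back into `pk11_password` in `lib/e-cert-db.c`, which calls `strlen` on it. The `retry` argument is ignored as well, so a second prompt after a wrong password looks identical to the first.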
@@ -0,0 +1,28 @@ +/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */ +/* + * Authors: Chris Toshok + * + * Copyright (C) 2004 Novell, Inc. (www.novell.com) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Street #330, Boston, MA 02111-1307, USA. + * + */ + +#ifndef _SMIME_COMPONENT_H_ +#define _SMIME_COMPONENT_H_ + +void smime_component_init (void); + +#endif /* _SMIME_COMPONENT_H_ */ diff --git a/smime/lib/.cvsignore b/smime/lib/.cvsignore index 74b73492ca..7798e01d25 100644 --- a/smime/lib/.cvsignore +++ b/smime/lib/.cvsignore @@ -1,3 +1,4 @@ Makefile Makefile.in *.la +smime-marshal.[ch] diff --git a/smime/lib/Makefile.am b/smime/lib/Makefile.am index f534fd01f3..a9068e3b18 100644 --- a/smime/lib/Makefile.am +++ b/smime/lib/Makefile.am @@ -16,6 +16,7 @@ INCLUDES = \ noinst_LTLIBRARIES = libessmime.la libessmime_la_SOURCES = \ + $(MARSHAL_GENERATED) \ e-asn1-object.c \ e-asn1-object.h \ e-cert.c \ @@ -26,3 +27,9 @@ libessmime_la_SOURCES = \ e-cert-db.h \ e-pkcs12.c \ e-pkcs12.h + +MARSHAL_GENERATED = smime-marshal.c smime-marshal.h +@EVO_MARSHAL_RULE@ + +BUILT_SOURCES = $(MARSHAL_GENERATED) +CLEANFILES = $(BUILT_SOURCES) diff --git a/smime/lib/e-cert-db.c b/smime/lib/e-cert-db.c index 5acdf4e847..d37805d7c4 100644 --- a/smime/lib/e-cert-db.c +++ b/smime/lib/e-cert-db.c 
@@ -62,18 +62,23 @@ #define CERT_NewTempCertificate __CERT_NewTempCertificate #define CERT_AddTempCertToPerm __CERT_AddTempCertToPerm +#include "smime-marshal.h" #include "e-cert-db.h" #include "e-cert-trust.h" +#include "e-pkcs12.h" #include "gmodule.h" #include "nss.h" +#include "ssl.h" +#include "p12plcy.h" #include "pk11func.h" #include "secmod.h" #include "certdb.h" #include "plstr.h" #include "prprf.h" #include "prmem.h" +#include "e-util/e-passwords.h" #include "e-util/e-dialog-utils.h" #include #include @@ -82,6 +87,13 @@ #include #include +enum { + PK11_PASSWD, + LAST_SIGNAL +}; + +static guint e_cert_db_signals[LAST_SIGNAL]; + struct _ECertDBPrivate { }; @@ -109,21 +121,45 @@ e_cert_db_dispose (GObject *object) G_OBJECT_CLASS (parent_class)->dispose (object); } +PRBool +ucs2_ascii_conversion_fn (PRBool toUnicode, + unsigned char *inBuf, + unsigned int inBufLen, + unsigned char *outBuf, + unsigned int maxOutBufLen, + unsigned int *outBufLen, + PRBool swapBytes) +{ + printf ("in ucs2_ascii_conversion_fn\n"); +} + +static char* PR_CALLBACK +pk11_password (PK11SlotInfo* slot, PRBool retry, void* arg) +{ + char *pwd; + char *nsspwd; + + gboolean rv = FALSE; + + g_signal_emit (e_cert_db_peek (), + e_cert_db_signals[PK11_PASSWD], 0, + slot, + retry, + &pwd, + &rv); + + nsspwd = PORT_Strdup (pwd); + memset (pwd, 0, strlen (pwd)); + g_free (pwd); + return nsspwd; +} + static void -e_cert_db_class_init (ECertDBClass *klass) +initialize_nss (void) { - GObjectClass *object_class; char *evolution_dir_path; gboolean success; - gboolean has_roots; - PK11SlotList *list; - object_class = G_OBJECT_CLASS(klass); - - parent_class = g_type_class_ref (PARENT_TYPE); - - object_class->dispose = e_cert_db_dispose; - evolution_dir_path = g_build_path ("/", g_get_home_dir (), ".evolution", NULL); /* we initialize NSS here to make sure it only happens once */ 
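Review bot: `pk11_password` reads `pwd` after `g_signal_emit` without initialising it, so when no handler is connected, or the handler stores NULL on cancel, `PORT_Strdup (pwd)` and `strlen (pwd)` dereference an indeterminate or NULL pointer. Declaring `char *pwd = NULL;` and adding `if (!pwd) return NULL;` before the copy covers both cases, since NSS treats a NULL return from the password callback as a cancelled prompt. The `memset` that clears the password just before `g_free` may be removed by the optimiser, so the wipe is not guaranteed. `ucs2_ascii_conversion_fn` in the same hunk is declared `PRBool` but has no `return` and writes neither `outBuf` nor `*outBufLen`, so once registered its result is indeterminate; it should at least `return PR_FALSE;` until the conversion is implemented.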
@@ -142,11 +178,29 @@ e_cert_db_class_init (ECertDBClass *klass) if (!success) { g_warning ("Failed all methods for initializing NSS"); + return; } - /* - * check to see if you have a rootcert module installed - */ + NSS_SetDomesticPolicy(); + + PK11_SetPasswordFunc(pk11_password); + + /* Enable ciphers for PKCS#12 */ + SEC_PKCS12EnableCipher(PKCS12_RC4_40, 1); + SEC_PKCS12EnableCipher(PKCS12_RC4_128, 1); + SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_40, 1); + SEC_PKCS12EnableCipher(PKCS12_RC2_CBC_128, 1); + SEC_PKCS12EnableCipher(PKCS12_DES_56, 1); + SEC_PKCS12EnableCipher(PKCS12_DES_EDE3_168, 1); + SEC_PKCS12SetPreferredCipher(PKCS12_DES_EDE3_168, 1); + PORT_SetUCS2_ASCIIConversionFunction(ucs2_ascii_conversion_fn); +} + +static void +install_loadable_roots (void) +{ + gboolean has_roots; + PK11SlotList *list; has_roots = FALSE; list = PK11_GetAllTokens(CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL); @@ -188,6 +242,32 @@ e_cert_db_class_init (ECertDBClass *klass) } } +static void +e_cert_db_class_init (ECertDBClass *klass) +{ + GObjectClass *object_class; + + object_class = G_OBJECT_CLASS(klass); + + parent_class = g_type_class_ref (PARENT_TYPE); + + object_class->dispose = e_cert_db_dispose; + + initialize_nss(); + /* check to see if you have a rootcert module installed */ + install_loadable_roots(); + + e_cert_db_signals[PK11_PASSWD] = + g_signal_new ("pk11_passwd", + G_OBJECT_CLASS_TYPE (object_class), + G_SIGNAL_RUN_LAST, + G_STRUCT_OFFSET (ECertDBClass, pk11_passwd), + NULL, NULL, + smime_marshal_BOOLEAN__POINTER_BOOLEAN_POINTER, + G_TYPE_BOOLEAN, 3, + G_TYPE_POINTER, G_TYPE_BOOLEAN, G_TYPE_POINTER); +} + static void e_cert_db_init (ECertDB *ec) { 
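Review bot: The cipher block added to `initialize_nss` enables `PKCS12_RC4_40`, `PKCS12_RC2_CBC_40` and `PKCS12_DES_56` without saying why such short keys are acceptable. If they are there only so that files written by older software can still be imported, the comment should say so, for example `/* 40-bit and single-DES ciphers are enabled only to read legacy PKCS#12 files; 3DES is the preferred cipher */`. The return values of `SEC_PKCS12EnableCipher` and `SEC_PKCS12SetPreferredCipher` are also discarded, so a policy call that fails goes unnoticed. `initialize_nss` starts outside this hunk.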
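Review bot: `e_cert_db_class_init` calls `install_loadable_roots()` unconditionally, although `initialize_nss()` now returns early when every NSS initialisation method has failed. Because `initialize_nss` returns `void`, the class initialiser cannot tell, and `install_loadable_roots` then calls `PK11_GetAllTokens` on a library that was never initialised. Let `initialize_nss` return a `gboolean` and guard the call: `if (initialize_nss ()) install_loadable_roots ();`.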
@@ -250,14 +330,6 @@ e_cert_db_find_cert_by_nickname (ECertDB *certdb, CERTCertificate *cert = NULL; /*PR_LOG(gPIPNSSLog, PR_LOG_DEBUG, ("Getting \"%s\"\n", asciiname));*/ -#if 0 - /* what it should be, but for now...*/ - if (aToken) { - cert = PK11_FindCertFromNickname(asciiname, NULL); - } else { - cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), asciiname); - } -#endif cert = PK11_FindCertFromNickname((char*)nickname, NULL); if (!cert) { cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), (char*)nickname); @@ -1013,6 +1085,15 @@ e_cert_db_import_pkcs12_file (ECertDB *cert_db, const char *file_path, GError **error) { + EPKCS12 *pkcs12 = e_pkcs12_new (); + GError *e = NULL; + + if (!e_pkcs12_import_from_file (pkcs12, file_path, &e)) { + g_propagate_error (error, e); + return FALSE; + } + + return TRUE; } gboolean @@ -1023,6 +1104,28 @@ e_cert_db_export_pkcs12_file (ECertDB *cert_db, { } +gboolean +e_cert_db_login_to_slot (ECertDB *cert_db, + PK11SlotInfo *slot) +{ + if (PK11_NeedLogin (slot)) { + PK11_Logout (slot); + + if (PK11_NeedUserInit (slot)) { + printf ("initializing slot password\n"); + /* the user needs to specify the initial password */ + PK11_InitPin (slot, "", "farcl."); + } + + if (PK11_Authenticate (slot, PR_TRUE, NULL) != SECSuccess) { + printf ("PK11_Authenticate failed (err = %d/%d)\n", PORT_GetError(), PORT_GetError() + 0x2000); + return FALSE; + } + } + + return TRUE; +} + static SECStatus PR_CALLBACK diff --git a/smime/lib/e-cert-db.h b/smime/lib/e-cert-db.h index ffc381587a..d31fc02186 100644 --- a/smime/lib/e-cert-db.h +++ b/smime/lib/e-cert-db.h @@ -47,6 +47,9 @@ struct _ECertDB { struct _ECertDBClass { GObjectClass parent_class; + /* signals */ + gboolean (*pk11_passwd) (ECertDB *db, PK11SlotInfo *slot, gboolean retry, char **passwd); + /* Padding for future expansion */ void (*_ecert_reserved0) (void); void (*_ecert_reserved1) (void); 
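Review bot: `e_cert_db_import_pkcs12_file` never releases the `EPKCS12` object it creates; both the failure path and the success path return with `pkcs12` still referenced. Assuming `e_pkcs12_new` returns a new GObject reference, add `g_object_unref (pkcs12);` before each `return`. Separately, `g_propagate_error (error, e)` is reached with `e` still NULL whenever the import fails without setting an error, which the PKCS#12 code in this commit does on the paths visible here; `if (e) g_propagate_error (error, e);` avoids the GLib warning.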
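Review bot: `e_cert_db_login_to_slot` initialises a slot that has no password yet with the fixed PIN `"farcl."`, so every new key database ends up protected by a value that is published in the source. Private keys imported afterwards (the PKCS#12 import in this commit logs in through this function) are then only as safe as that constant. The comment already says the user has to choose the initial password; until that prompt exists, the branch is safer as an explicit failure (`return FALSE;` with a message) than as a silent default. The result of `PK11_InitPin` is also ignored and should be compared with `SECSuccess`, as is done for `PK11_Authenticate` below it.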
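Review bot: The new `pk11_passwd` member of `struct _ECertDBClass` has no comment describing who owns `*passwd`. The emitter in e-cert-db.c reads it with `strlen`, overwrites it and calls `g_free` on it, so a handler has to store a NUL-terminated string allocated with the GLib allocator there. Suggested comment above the member: `/* handler stores a newly allocated, NUL-terminated password in *passwd; the emitter wipes and g_free()s it */`. The struct definition starts and ends outside this hunk.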
@@ -124,5 +127,7 @@ gboolean e_cert_db_export_pkcs12_file (ECertDB *cert_db, GList *certs, GError **error); +gboolean e_cert_db_login_to_slot (ECertDB *cert_db, + PK11SlotInfo *slot); #endif /* _E_CERT_DB_H_ */ diff --git a/smime/lib/e-pkcs12.c b/smime/lib/e-pkcs12.c index 3092944196..0a9bb3bc74 100644 --- a/smime/lib/e-pkcs12.c +++ b/smime/lib/e-pkcs12.c @@ -63,30 +63,29 @@ #include #include "e-util/e-passwords.h" +#include "e-cert-db.h" #include "e-pkcs12.h" #include "prmem.h" #include "nss.h" +#include "ssl.h" #include "pkcs12.h" #include "p12plcy.h" #include "pk11func.h" #include "secerr.h" struct _EPKCS12Private { - int tmp_fd; - char *tmp_path; + int mumble; }; #define PARENT_TYPE G_TYPE_OBJECT static GObjectClass *parent_class; -// static callback functions for the NSS PKCS#12 library +/* static callback functions for the NSS PKCS#12 library */ static SECItem * PR_CALLBACK nickname_collision(SECItem *, PRBool *, void *); -static void PR_CALLBACK write_export_file(void *arg, const char *buf, unsigned long len); static gboolean handle_error(int myerr); -#define PKCS12_TMPFILENAME ".p12tmp" #define PKCS12_BUFFER_SIZE 2048 #define PKCS12_RESTORE_OK 1 #define PKCS12_BACKUP_OK 2 @@ -185,20 +184,16 @@ input_to_decoder (SEC_PKCS12DecoderContext *dcx, const char *path, GError **erro while (TRUE) { amount = fread (buf, 1, sizeof (buf), fp); if (amount < 0) { - printf ("got -1 fread\n"); fclose (fp); return FALSE; } + /* feed the file data into the decoder */ srv = SEC_PKCS12DecoderUpdate(dcx, (unsigned char*) buf, amount); if (srv) { - /* don't allow the close call to overwrite our precious error code */ /* XXX g_error */ - int pr_err = PORT_GetError(); - PORT_SetError(pr_err); - printf ("SEC_PKCS12DecoderUpdate returned %d\n", srv); fclose (fp); return FALSE; } 
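Review bot: The `if (amount < 0)` test kept in `input_to_decoder` cannot detect a read error, because `fread` returns a `size_t` count and reports failure only through `ferror`. A failed read is therefore indistinguishable from a short one here, and the loop goes on to call `SEC_PKCS12DecoderUpdate` as if the data were complete. Test the stream instead: `if (ferror (fp)) { fclose (fp); return FALSE; }`. The declaration of `amount` and the end of the loop are outside this hunk, so its exact type is not visible.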
@@ -209,6 +204,9 @@ input_to_decoder (SEC_PKCS12DecoderContext *dcx, const char *path, GError **erro return TRUE; } +/* XXX toshok - this needs to be done using a signal as in the + e_cert_db_login_to_slot stuff, instead of a direct gui dep here.. + for now, though, it stays. */ static gboolean prompt_for_password (char *title, char *prompt, SECItem *pwd) { @@ -219,8 +217,27 @@ prompt_for_password (char *title, char *prompt, SECItem *pwd) NULL); if (passwd) { - SECITEM_AllocItem(NULL, pwd, PL_strlen (passwd)); - memcpy (pwd->data, passwd, strlen (passwd)); + int len = g_utf8_strlen (passwd, -1); + gunichar2 uni; + int i; + char *p; + + SECITEM_AllocItem(NULL, pwd, sizeof (gunichar2) * (len + 1)); + memset (pwd->data, 0, sizeof (gunichar2) * (len + 1)); + +#ifdef IS_LITTLE_ENDIAN + p = passwd; + for (i=0; i < len; i++) { + uni = (gunichar2)(g_utf8_get_char (p) & 0xFFFF); + p = g_utf8_next_char (p); + + pwd->data[2*i] = (unsigned char)(uni >> 8); + pwd->data[2*i+1] = (unsigned char)(uni & 0xFF); + } +#else + memcpy (pwd->data, uni, pwd->len-2); +#endif + memset (passwd, 0, strlen (passwd)); g_free (passwd); } @@ -228,19 +245,17 @@ prompt_for_password (char *title, char *prompt, SECItem *pwd) } static gboolean -import_from_file_helper (EPKCS12 *pkcs12, const char *path, gboolean *aWantRetry, GError **error) +import_from_file_helper (EPKCS12 *pkcs12, PK11SlotInfo *slot, + const char *path, gboolean *aWantRetry, GError **error) { /*nsNSSShutDownPreventionLock locker; */ - gboolean rv = TRUE; + gboolean rv; SECStatus srv = SECSuccess; SEC_PKCS12DecoderContext *dcx = NULL; SECItem passwd; GError *err = NULL; - PK11SlotInfo *slot = PK11_GetInternalKeySlot (); /* XXX toshok - we - hardcode this - here */ - *aWantRetry = FALSE; + *aWantRetry = FALSE; passwd.data = NULL; rv = prompt_for_password (_("PKCS12 File Password"), _("Enter password for PKCS12 file:"), &passwd); 
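Review bot: The `#else` branch added to `prompt_for_password` passes `uni`, an uninitialised `gunichar2` value, as the source pointer of `memcpy`, so a build without `IS_LITTLE_ENDIAN` defined would fill the password item from an arbitrary address. The loop in the `#ifdef` branch writes the high byte first using shifts, which yields the same byte order on any host, so the conditional can be dropped and the loop used unconditionally. Two smaller points on the same lines: `g_utf8_get_char (p) & 0xFFFF` silently truncates characters outside the BMP, and the result of `SECITEM_AllocItem` is used without a NULL check. The function starts before and continues after this hunk.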
@@ -250,32 +265,14 @@ import_from_file_helper (EPKCS12 *pkcs12, const char *path, gboolean *aWantRetry return TRUE; } -#if notyet - /* XXX we don't need this block as long as we hardcode the - slot above */ - nsXPIDLString tokenName; - nsXPIDLCString tokenNameCString; - const char *tokNameRef; - - - mToken->GetTokenName (getter_Copies(tokenName)); - tokenNameCString.Adopt (ToNewUTF8String(tokenName)); - tokNameRef = tokenNameCString; /* I do this here so that the - NS_CONST_CAST below doesn't - break the build on Win32 */ - - slot = PK11_FindSlotByName (NS_CONST_CAST(char*,tokNameRef)); - if (!slot) { - srv = SECFailure; - goto finish; - } -#endif - /* initialize the decoder */ - dcx = SEC_PKCS12DecoderStart (&passwd, slot, NULL, - NULL, NULL, - NULL, NULL, - pkcs12); + dcx = SEC_PKCS12DecoderStart (&passwd, + slot, + /* we specify NULL for all the + funcs + data so it'll use the + default pk11wrap functions */ + NULL, NULL, NULL, + NULL, NULL, NULL); if (!dcx) { srv = SECFailure; goto finish; @@ -289,19 +286,21 @@ import_from_file_helper (EPKCS12 *pkcs12, const char *path, gboolean *aWantRetry // inputToDecoder indicated a NSS error srv = SECFailure; } +#else + srv = SECFailure; #endif goto finish; } /* verify the blob */ srv = SEC_PKCS12DecoderVerify (dcx); - if (srv) { printf ("decoderverify failed\n"); goto finish; } + if (srv) goto finish; /* validate bags */ srv = SEC_PKCS12DecoderValidateBags (dcx, nickname_collision); - if (srv) { printf ("decodervalidatebags failed\n"); goto finish; } + if (srv) goto finish; /* import cert and key */ srv = SEC_PKCS12DecoderImportBags (dcx); - if (srv) { printf ("decoderimportbags failed\n"); goto finish; } + if (srv) goto finish; /* Later - check to see if this should become default email cert */ handle_error (PKCS12_RESTORE_OK); finish: 
@@ -309,18 +308,14 @@ import_from_file_helper (EPKCS12 *pkcs12, const char *path, gboolean *aWantRetry We should use that error code instead of inventing a new one for every error possible. */ if (srv != SECSuccess) { - printf ("srv != SECSuccess\n"); if (SEC_ERROR_BAD_PASSWORD == PORT_GetError()) { - printf ("BAD PASSWORD\n"); *aWantRetry = TRUE; } handle_error(PKCS12_NSS_ERROR); } else if (!rv) { handle_error(PKCS12_RESTORE_FAILED); } - if (slot) - PK11_FreeSlot(slot); - // finish the decoder + /* finish the decoder */ if (dcx) SEC_PKCS12DecoderFinish(dcx); return TRUE; @@ -332,32 +327,17 @@ e_pkcs12_import_from_file (EPKCS12 *pkcs12, const char *path, GError **error) /*nsNSSShutDownPreventionLock locker;*/ gboolean rv = TRUE; gboolean wantRetry; + PK11SlotInfo *slot; + printf ("importing pkcs12 from `%s'\n", path); -#if 0 - /* XXX we don't use tokens yet */ - if (!mToken) { - if (!mTokenSet) { - rv = SetToken(NULL); // Ask the user to pick a slot - if (NS_FAILED(rv)) { - handle_error(PKCS12_USER_CANCELED); - return rv; - } - } - } + slot = PK11_GetInternalKeySlot(); - if (!mToken) { - handle_error(PKCS12_RESTORE_FAILED); - return NS_ERROR_NOT_AVAILABLE; - } + if (!e_cert_db_login_to_slot (e_cert_db_peek (), slot)) + return FALSE; - /* init slot */ - rv = mToken->Login(PR_TRUE); - if (NS_FAILED(rv)) return rv; -#endif - do { - rv = import_from_file_helper (pkcs12, path, &wantRetry, error); + rv = import_from_file_helper (pkcs12, slot, path, &wantRetry, error); } while (rv && wantRetry); return rv; @@ -433,18 +413,6 @@ nickname_collision(SECItem *oldNick, PRBool *cancel, void *wincx) return new_nick; } -/* write bytes to the exported PKCS#12 file */ -static void PR_CALLBACK -write_export_file(void *arg, const char *buf, unsigned long len) -{ - EPKCS12 *pkcs12 = E_PKCS12 (arg); - EPKCS12Private *priv = pkcs12->priv; - - printf ("write_export_file\n"); - - write (priv->tmp_fd, buf, len); -} - static gboolean handle_error(int myerr) { 
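Review bot: At `finish:` in `import_from_file_helper` the decoder is torn down, but the `passwd` item holding the PKCS#12 password is neither wiped nor freed in the lines visible here. Adding `SECITEM_ZfreeItem (&passwd, PR_FALSE);` before `return TRUE;` keeps the cleartext from staying on the heap after each attempt, including every pass of the retry loop. The function also returns `TRUE` on every path through `finish:`, so a failed import that is not a bad-password error is reported to the caller as success; `return srv == SECSuccess || *aWantRetry;` would keep the retry loop working while surfacing the failure. Part of the function lies outside this hunk.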
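Review bot: `e_pkcs12_import_from_file` now obtains the slot with `PK11_GetInternalKeySlot()` but nothing releases it: the `PK11_FreeSlot(slot)` call was removed from the helper in this commit, and neither the early `return FALSE` nor the final `return rv` replaces it. Each import therefore leaks a slot reference. Add `PK11_FreeSlot (slot);` before both returns. The `printf` of the file path looks like leftover debugging output and could be removed at the same time; the function's closing brace is outside this hunk.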
diff --git a/smime/lib/smime-marshal.list b/smime/lib/smime-marshal.list
new file mode 100644
index 0000000000..97c7a93233
--- /dev/null
+++ b/smime/lib/smime-marshal.list
@@ -0,0 +1 @@
+BOOL:POINTER,BOOL,POINTER
-- cgit v1.2.3