internal SslServerTrustDialog (string realm, SslFailure failures, CertficateInfo cert_info, bool may_save)
{
this.Build();
this.failures = failures;
labelRealm.Text = realm;
labelHost.Text = cert_info.HostName;
labelIssuer.Text = cert_info.IssuerName;
labelFrom.Text = cert_info.ValidFrom;
labelUntil.Text = cert_info.ValidUntil;
labelFprint.Text = cert_info.Fingerprint;
if (!may_save)
radioAccept.Visible = false;
string reason = "";
if ((failures & SslFailure.NotYetValid) != 0)
reason += "\n" + GettextCatalog.GetString ("Certificate is not yet valid.");
if ((failures & SslFailure.Expired) != 0)
reason += "\n" + GettextCatalog.GetString ("Certificate has expired.");
if ((failures & SslFailure.CNMismatch) != 0)
reason += "\n" + GettextCatalog.GetString ("Certificate's CN (hostname) does not match the remote hostname.");
if ((failures & SslFailure.UnknownCA) != 0)
reason += "\n" + GettextCatalog.GetString ("Certificate authority is unknown (i.e. not trusted).");
if (reason.Length > 0) {
labelReason.Markup = "<b>" + reason.Substring (1) + "</b>";
}
}
internal static bool Show(string realm, SslFailure failures, bool may_save, CertficateInfo certInfo, out SslFailure accepted_failures, out bool save)
{
SslFailure local_accepted_failures = SslFailure.None;
bool local_save = false;
bool res = false;
object monitor = new Object();
EventHandler del = delegate
{
try
{
SslServerTrustDialog dlg = new SslServerTrustDialog(realm, failures, certInfo, may_save);
res = (MessageService.RunCustomDialog(dlg) == (int)Gtk.ResponseType.Ok);
if (res)
{
local_save = dlg.Save;
local_accepted_failures = dlg.AcceptedFailures;
}
dlg.Destroy();
}
finally
{
lock (monitor)
{
System.Threading.Monitor.Pulse(monitor);
}
}
};
if (GLib.MainContext.Depth > 0)
{
// Already in GUI thread
del(null, null);
}
else
{
lock (monitor)
{
Gtk.Application.Invoke(del);
System.Threading.Monitor.Wait(monitor);
}
}
accepted_failures = local_accepted_failures;
save = local_save;
return(res);
}
static void AuthenticationSslServerTrustHandlers(object sender, SvnSslServerTrustEventArgs e)
{
SslFailure acceptedFailures;
bool save;
var certInfo = new CertficateInfo {
AsciiCert = e.CertificateValue,
Fingerprint = e.Fingerprint,
HostName = e.CommonName,
IssuerName = e.Issuer,
ValidFrom = e.ValidFrom,
ValidUntil = e.ValidUntil,
};
e.Cancel = !SslServerTrustAuthenticationPrompt(e.Realm, (SslFailure)(uint)e.Failures, e.MaySave, certInfo, out acceptedFailures, out save);
e.AcceptedFailures = (SvnCertificateTrustFailures)(int)acceptedFailures;
e.Save = save;
}
internal SslServerTrustDialog(string realm, SslFailure failures, CertficateInfo cert_info, bool may_save)
{
this.Build();
this.failures = failures;
labelRealm.Text = realm;
labelHost.Text = cert_info.HostName;
labelIssuer.Text = cert_info.IssuerName;
labelFrom.Text = cert_info.ValidFrom;
labelUntil.Text = cert_info.ValidUntil;
labelFprint.Text = cert_info.Fingerprint;
if (!may_save)
{
radioAccept.Visible = false;
}
string reason = "";
if ((failures & SslFailure.NotYetValid) != 0)
{
reason += "\n" + GettextCatalog.GetString("Certificate is not yet valid.");
}
if ((failures & SslFailure.Expired) != 0)
{
reason += "\n" + GettextCatalog.GetString("Certificate has expired.");
}
if ((failures & SslFailure.CNMismatch) != 0)
{
reason += "\n" + GettextCatalog.GetString("Certificate's CN (hostname) does not match the remote hostname.");
}
if ((failures & SslFailure.UnknownCA) != 0)
{
reason += "\n" + GettextCatalog.GetString("Certificate authority is unknown (i.e. not trusted).");
}
if (reason.Length > 0)
{
labelReason.Markup = "<b>" + reason.Substring(1) + "</b>";
}
}
internal static bool Show (string realm, SslFailure failures, bool may_save, CertficateInfo certInfo, out SslFailure accepted_failures, out bool save)
{
SslFailure local_accepted_failures = SslFailure.None;
bool local_save = false;
bool res = false;
object monitor = new Object ();
EventHandler del = delegate {
try {
SslServerTrustDialog dlg = new SslServerTrustDialog (realm, failures, certInfo, may_save);
res = (MessageService.RunCustomDialog (dlg) == (int) Gtk.ResponseType.Ok);
if (res) {
local_save = dlg.Save;
local_accepted_failures = dlg.AcceptedFailures;
}
dlg.Destroy ();
} finally {
lock (monitor) {
System.Threading.Monitor.Pulse (monitor);
}
}
};
if (GLib.MainContext.Depth > 0) {
// Already in GUI thread
del (null, null);
}
else {
lock (monitor) {
Gtk.Application.Invoke (del);
System.Threading.Monitor.Wait (monitor);
}
}
accepted_failures = local_accepted_failures;
save = local_save;
return res;
}
static IntPtr OnAuthSslServerTrustPrompt (ref IntPtr cred, IntPtr baton, string realm, UInt32 failures, ref LibSvnClient.svn_auth_ssl_server_cert_info_t cert_info, bool may_save, IntPtr pool)
{
var data = new LibSvnClient.svn_auth_cred_ssl_server_trust_t ();
var ci = new CertficateInfo {
AsciiCert = cert_info.ascii_cert,
Fingerprint = cert_info.fingerprint,
HostName = cert_info.hostname,
IssuerName = cert_info.issuer_dname,
ValidFrom = cert_info.valid_from,
ValidUntil = cert_info.valid_until,
};
SslFailure accepted_failures;
bool ms;
if (SslServerTrustAuthenticationPrompt (realm, (SslFailure) failures, may_save, ci, out accepted_failures, out ms) && accepted_failures != SslFailure.None) {
data.may_save = ms ;
data.accepted_failures = (uint) accepted_failures;
cred = apr.pcalloc (pool, data);
return IntPtr.Zero;
} else {
data.accepted_failures = 0;
data.may_save = false;
cred = apr.pcalloc (pool, data);
return GetCancelError ();
}
}
static IntPtr OnAuthSslServerTrustPrompt (ref IntPtr cred, IntPtr baton, [MarshalAs (UnmanagedType.LPStr)] string realm, uint failures, ref LibSvnClient.svn_auth_ssl_server_cert_info_t cert_info, [MarshalAs (UnmanagedType.SysInt)] int may_save, IntPtr pool)
{
LibSvnClient.svn_auth_cred_ssl_server_trust_t data = new LibSvnClient.svn_auth_cred_ssl_server_trust_t ();
CertficateInfo ci = new CertficateInfo ();
ci.AsciiCert = cert_info.ascii_cert;
ci.Fingerprint = cert_info.fingerprint;
ci.HostName = cert_info.hostname;
ci.IssuerName = cert_info.issuer_dname;
ci.ValidFrom = cert_info.valid_from;
ci.ValidUntil = cert_info.valid_until;
SslFailure accepted_failures;
bool ms;
if (SslServerTrustAuthenticationPrompt (realm, (SslFailure) failures, may_save != 0, ci, out accepted_failures, out ms) && accepted_failures != SslFailure.None) {
data.may_save = ms ? 1 : 0;
data.accepted_failures = (uint) accepted_failures;
cred = apr.pcalloc (pool, data);
return IntPtr.Zero;
} else {
data.accepted_failures = 0;
data.may_save = 0;
cred = apr.pcalloc (pool, data);
return GetCancelError ();
}
}
