// Builds the certificate trust dialog: copies the realm and the certificate fields
// into their labels and lists, in bold, each validation failure set in `failures`.
//
//   realm     - authentication realm shown in labelRealm
//   failures  - bit mask of SslFailure flags; also stored in this.failures
//   cert_info - certificate details shown to the user (host, issuer, validity, fingerprint)
//   may_save  - when false, radioAccept is hidden
internal SslServerTrustDialog (string realm, SslFailure failures, CertficateInfo cert_info, bool may_save)
{
    this.Build ();
    this.failures = failures;

    // Realm and certificate fields are assigned through Text, not Markup, so any
    // markup characters they contain are displayed literally.
    labelRealm.Text = realm;
    labelHost.Text = cert_info.HostName;
    labelIssuer.Text = cert_info.IssuerName;
    labelFrom.Text = cert_info.ValidFrom;
    labelUntil.Text = cert_info.ValidUntil;
    labelFprint.Text = cert_info.Fingerprint;

    // NOTE(review): this only hides the radio button; confirm that the dialog's Save
    // value cannot be true while radioAccept is hidden.
    if (!may_save) {
        radioAccept.Visible = false;
    }

    // Every message is prefixed with "\n"; the first separator is dropped further down.
    // Failure bits other than the four tested here add no text.
    string details = "";
    if ((failures & SslFailure.NotYetValid) != 0) {
        details = details + "\n" + GettextCatalog.GetString ("Certificate is not yet valid.");
    }
    if ((failures & SslFailure.Expired) != 0) {
        details = details + "\n" + GettextCatalog.GetString ("Certificate has expired.");
    }
    if ((failures & SslFailure.CNMismatch) != 0) {
        details = details + "\n" + GettextCatalog.GetString ("Certificate's CN (hostname) does not match the remote hostname.");
    }
    if ((failures & SslFailure.UnknownCA) != 0) {
        details = details + "\n" + GettextCatalog.GetString ("Certificate authority is unknown (i.e. not trusted).");
    }

    if (details.Length == 0) {
        return;
    }

    // Only catalog strings reach Markup. NOTE(review): they are not markup-escaped, so a
    // translation containing '<' or '&' would produce invalid markup.
    labelReason.Markup = "<b>" + details.Substring (1) + "</b>";
}
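// Shows the server-trust dialog on the GUI thread and blocks the caller until the
// user has answered.
//
//   realm, failures, may_save, certInfo - forwarded to the SslServerTrustDialog constructor
//   accepted_failures - failures the user agreed to ignore; SslFailure.None unless confirmed
//   save              - whether the decision should be stored; false unless confirmed
//
// Returns true only when the dialog was closed with Gtk.ResponseType.Ok.
internal static bool Show(string realm, SslFailure failures, bool may_save, CertficateInfo certInfo, out SslFailure accepted_failures, out bool save)
{
    // Fail closed: these defaults (nothing accepted, nothing saved, not trusted) are what
    // the caller receives unless the user explicitly confirms the dialog. They also stand
    // when the delegate throws on the invoked path, because the waiter is still released.
    SslFailure local_accepted_failures = SslFailure.None;
    bool local_save = false;
    bool res = false;
    object monitor = new Object();

    EventHandler del = delegate {
        try {
            SslServerTrustDialog dlg = new SslServerTrustDialog(realm, failures, certInfo, may_save);
            try {
                res = (MessageService.RunCustomDialog(dlg) == (int)Gtk.ResponseType.Ok);
                if (res) {
                    // Do not report a save request when the caller said saving is not allowed.
                    local_save = dlg.Save && may_save;
                    // Do not report more failures as accepted than were presented to the user.
                    local_accepted_failures = dlg.AcceptedFailures & failures;
                }
            } finally {
                // Destroy the dialog even when running it throws, so the window is not leaked.
                dlg.Destroy();
            }
        } finally {
            lock (monitor) {
                System.Threading.Monitor.Pulse(monitor);
            }
        }
    };

    if (GLib.MainContext.Depth > 0) {
        // Already in GUI thread
        del(null, null);
    } else {
        // The lock is taken before Invoke, so the delegate's Pulse cannot run until
        // Wait has released the monitor.
        lock (monitor) {
            Gtk.Application.Invoke(del);
            System.Threading.Monitor.Wait(monitor);
        }
    }

    accepted_failures = local_accepted_failures;
    save = local_save;
    return res;
}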
// Server-trust event handler: packs the certificate data carried by `e` into a
// CertficateInfo, asks SslServerTrustAuthenticationPrompt for a decision and writes
// the answer back to `e` (Cancel, AcceptedFailures, Save).
static void AuthenticationSslServerTrustHandlers(object sender, SvnSslServerTrustEventArgs e)
{
    CertficateInfo certInfo = new CertficateInfo();
    certInfo.AsciiCert = e.CertificateValue;
    certInfo.Fingerprint = e.Fingerprint;
    certInfo.HostName = e.CommonName;
    certInfo.IssuerName = e.Issuer;
    certInfo.ValidFrom = e.ValidFrom;
    certInfo.ValidUntil = e.ValidUntil;

    SslFailure acceptedFailures;
    bool save;

    // NOTE(review): the casts in both directions assume SslFailure and
    // SvnCertificateTrustFailures use the same bit values; confirm against both enums.
    bool trusted = SslServerTrustAuthenticationPrompt(e.Realm, (SslFailure)(uint)e.Failures, e.MaySave, certInfo, out acceptedFailures, out save);

    // A declined prompt cancels the operation.
    e.Cancel = !trusted;

    // NOTE(review): the prompt's answers are forwarded as-is; confirm it never reports
    // failure bits that were not in e.Failures, or save == true when e.MaySave is false.
    e.AcceptedFailures = (SvnCertificateTrustFailures)(int)acceptedFailures;
    e.Save = save;
}
// Creates the dialog that asks the user whether to trust a server certificate which
// failed validation. The labels are filled from `realm` and `cert_info`, and one bold
// line is shown per validation failure set in `failures`.
//
//   realm     - authentication realm shown in labelRealm
//   failures  - bit mask of SslFailure flags; kept in this.failures
//   cert_info - certificate details to display
//   may_save  - when false, radioAccept is hidden
internal SslServerTrustDialog(string realm, SslFailure failures, CertficateInfo cert_info, bool may_save)
{
    this.Build();
    this.failures = failures;

    // The realm and certificate values go through Text rather than Markup, so markup
    // characters in them are shown literally.
    labelRealm.Text = realm;
    labelHost.Text = cert_info.HostName;
    labelIssuer.Text = cert_info.IssuerName;
    labelFrom.Text = cert_info.ValidFrom;
    labelUntil.Text = cert_info.ValidUntil;
    labelFprint.Text = cert_info.Fingerprint;

    // NOTE(review): hiding the button does not by itself change the dialog's Save value;
    // confirm Save cannot be true while radioAccept is hidden.
    bool hideAcceptOption = !may_save;
    if (hideAcceptOption) {
        radioAccept.Visible = false;
    }

    // Messages are accumulated with a leading "\n" each; the first one is removed when
    // the text is displayed. Failure bits not tested below contribute no message.
    string text = "";

    bool notYetValid = (failures & SslFailure.NotYetValid) != 0;
    if (notYetValid) {
        text += "\n" + GettextCatalog.GetString("Certificate is not yet valid.");
    }

    bool expired = (failures & SslFailure.Expired) != 0;
    if (expired) {
        text += "\n" + GettextCatalog.GetString("Certificate has expired.");
    }

    bool nameMismatch = (failures & SslFailure.CNMismatch) != 0;
    if (nameMismatch) {
        text += "\n" + GettextCatalog.GetString("Certificate's CN (hostname) does not match the remote hostname.");
    }

    bool unknownAuthority = (failures & SslFailure.UnknownCA) != 0;
    if (unknownAuthority) {
        text += "\n" + GettextCatalog.GetString("Certificate authority is unknown (i.e. not trusted).");
    }

    if (text.Length > 0) {
        // Only catalog strings are placed in Markup. NOTE(review): they are inserted
        // unescaped, so a translation containing '<' or '&' would yield invalid markup.
        string withoutLeadingNewline = text.Substring(1);
        labelReason.Markup = "<b>" + withoutLeadingNewline + "</b>";
    }
}
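// Runs the server-trust dialog on the GUI thread and blocks the calling thread until
// the user has answered.
//
//   realm, failures, may_save, certInfo - passed to the SslServerTrustDialog constructor
//   accepted_failures - failures the user agreed to ignore; SslFailure.None unless confirmed
//   save              - whether the decision should be stored; false unless confirmed
//
// Returns true only when the dialog was closed with Gtk.ResponseType.Ok.
internal static bool Show (string realm, SslFailure failures, bool may_save, CertficateInfo certInfo, out SslFailure accepted_failures, out bool save)
{
    // Fail closed: unless the user confirms the dialog, the caller gets "not trusted,
    // nothing accepted, nothing saved". The same holds if the delegate throws on the
    // invoked path, since the finally block still releases the waiting thread.
    SslFailure local_accepted_failures = SslFailure.None;
    bool local_save = false;
    bool res = false;
    object monitor = new Object ();

    EventHandler del = delegate {
        try {
            SslServerTrustDialog dlg = new SslServerTrustDialog (realm, failures, certInfo, may_save);
            try {
                res = (MessageService.RunCustomDialog (dlg) == (int) Gtk.ResponseType.Ok);
                if (res) {
                    // A save request is only passed on when the caller allowed saving.
                    local_save = dlg.Save && may_save;
                    // The accepted set is limited to the failures that were shown to the user.
                    local_accepted_failures = dlg.AcceptedFailures & failures;
                }
            } finally {
                // Previously skipped when RunCustomDialog threw, which leaked the dialog.
                dlg.Destroy ();
            }
        } finally {
            lock (monitor) {
                System.Threading.Monitor.Pulse (monitor);
            }
        }
    };

    if (GLib.MainContext.Depth > 0) {
        // Already in GUI thread
        del (null, null);
    } else {
        // Invoke is issued while holding the lock, so the delegate cannot Pulse before
        // this thread is inside Wait.
        lock (monitor) {
            Gtk.Application.Invoke (del);
            System.Threading.Monitor.Wait (monitor);
        }
    }

    accepted_failures = local_accepted_failures;
    save = local_save;
    return res;
}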
// Server-trust prompt callback. Copies the certificate fields of `cert_info` into a
// CertficateInfo, asks SslServerTrustAuthenticationPrompt for a decision, allocates the
// resulting svn_auth_cred_ssl_server_trust_t from `pool` into `cred`, and returns
// IntPtr.Zero on acceptance or GetCancelError () otherwise.
// NOTE(review): presumably registered with libsvn as its ssl-server-trust prompt
// function; the registration is not visible here.
static IntPtr OnAuthSslServerTrustPrompt (ref IntPtr cred, IntPtr baton, string realm, UInt32 failures, ref LibSvnClient.svn_auth_ssl_server_cert_info_t cert_info, bool may_save, IntPtr pool)
{
    LibSvnClient.svn_auth_cred_ssl_server_trust_t data = new LibSvnClient.svn_auth_cred_ssl_server_trust_t ();

    CertficateInfo ci = new CertficateInfo ();
    ci.AsciiCert = cert_info.ascii_cert;
    ci.Fingerprint = cert_info.fingerprint;
    ci.HostName = cert_info.hostname;
    ci.IssuerName = cert_info.issuer_dname;
    ci.ValidFrom = cert_info.valid_from;
    ci.ValidUntil = cert_info.valid_until;

    SslFailure accepted_failures;
    bool ms;

    // Trust requires both a confirmed prompt and a non-empty accepted set; a confirmation
    // that accepts SslFailure.None is handled as a cancel.
    bool trusted = SslServerTrustAuthenticationPrompt (realm, (SslFailure) failures, may_save, ci, out accepted_failures, out ms)
        && accepted_failures != SslFailure.None;

    if (trusted) {
        // NOTE(review): the prompt's answers are forwarded unchanged; confirm it never
        // returns bits outside `failures`, or ms == true when may_save is false.
        data.may_save = ms;
        data.accepted_failures = (uint) accepted_failures;
    } else {
        // Rejected: hand back an empty credential that accepts nothing and is not saved.
        data.accepted_failures = 0;
        data.may_save = false;
    }

    cred = apr.pcalloc (pool, data);
    return trusted ? IntPtr.Zero : GetCancelError ();
}
// Server-trust prompt callback with explicitly marshalled arguments (`realm` as LPStr,
// `may_save` as an int flag). Copies the certificate fields into a CertficateInfo, asks
// SslServerTrustAuthenticationPrompt for a decision, allocates the resulting credential
// from `pool` into `cred`, and returns IntPtr.Zero on acceptance or GetCancelError ()
// otherwise.
// NOTE(review): presumably registered with libsvn as its ssl-server-trust prompt
// function; the registration is not visible here.
static IntPtr OnAuthSslServerTrustPrompt (ref IntPtr cred, IntPtr baton, [MarshalAs (UnmanagedType.LPStr)] string realm, uint failures, ref LibSvnClient.svn_auth_ssl_server_cert_info_t cert_info, [MarshalAs (UnmanagedType.SysInt)] int may_save, IntPtr pool)
{
    LibSvnClient.svn_auth_cred_ssl_server_trust_t data = new LibSvnClient.svn_auth_cred_ssl_server_trust_t ();

    CertficateInfo certificate = new CertficateInfo ();
    certificate.AsciiCert = cert_info.ascii_cert;
    certificate.Fingerprint = cert_info.fingerprint;
    certificate.HostName = cert_info.hostname;
    certificate.IssuerName = cert_info.issuer_dname;
    certificate.ValidFrom = cert_info.valid_from;
    certificate.ValidUntil = cert_info.valid_until;

    SslFailure accepted_failures;
    bool ms;

    // Any non-zero may_save value counts as "saving allowed".
    bool confirmed = SslServerTrustAuthenticationPrompt (realm, (SslFailure) failures, may_save != 0, certificate, out accepted_failures, out ms);

    // Guard clause: a declined prompt, or a confirmation that accepts SslFailure.None,
    // yields an empty credential and the cancel error.
    if (!confirmed || accepted_failures == SslFailure.None) {
        data.accepted_failures = 0;
        data.may_save = 0;
        cred = apr.pcalloc (pool, data);
        return GetCancelError ();
    }

    // NOTE(review): the prompt's answers are forwarded unchanged; confirm it never
    // returns bits outside `failures`, or ms == true when may_save is 0.
    data.may_save = ms ? 1 : 0;
    data.accepted_failures = (uint) accepted_failures;
    cred = apr.pcalloc (pool, data);
    return IntPtr.Zero;
}