changeset 457:c17c1da7108d

merged.
author Raimund Renkert <rrenkert@intevation.de>
date Wed, 23 Apr 2014 14:00:38 +0200
parents 37a97621b466 (current diff) efd1bd85112f (diff)
children 6fac87cadbd8
files
diffstat 9 files changed, 145 insertions(+), 37 deletions(-) [+]
--- a/ui/CMakeLists.txt	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/CMakeLists.txt	Wed Apr 23 14:00:38 2014 +0200
@@ -20,6 +20,7 @@
 set(DOWNLOADER_SOURCES
     ${CMAKE_CURRENT_SOURCE_DIR}/downloader.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/sslconnection.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/sslhelp.cpp
 )
 
 set(TRUSTBRIDGE_SOURCES
@@ -43,6 +44,7 @@
     ${CMAKE_CURRENT_SOURCE_DIR}/createinstallerdialog.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/createcertlistdialog.cpp
     ${CMAKE_CURRENT_SOURCE_DIR}/aboutdialog.cpp
+    ${CMAKE_CURRENT_SOURCE_DIR}/sslhelp.cpp
     ${CERTIFICATELIST_SOURCES}
 )
 
--- a/ui/administratorwindow.cpp	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/administratorwindow.cpp	Wed Apr 23 14:00:38 2014 +0200
@@ -33,7 +33,7 @@
     setWindowTitle(tr("TrustBridge Administration"));
     QString path = QStandardPaths::locate(
         QStandardPaths::DataLocation, QString("certlist_last.txt"));
-    certList.readList(path.toLocal8Bit());
+    mCertList.readList(path.toLocal8Bit());
     createActions();
     createMenuBar();
     createContent();
@@ -143,8 +143,8 @@
     QString certFile = QFileDialog::getOpenFileName(
         this, tr("Select certificate list file"), path, "*.txt");
     qDebug() << "selected: " + certFile;
-    certList.readList(certFile.toLocal8Bit().constData());
-    if (!certList.isValid()) {
+    mCertList.readList(certFile.toLocal8Bit().constData());
+    if (!mCertList.isValid()) {
         qDebug() << "Not a valid list.";
     }
     else {
@@ -181,7 +181,7 @@
 }
 
 void AdministratorWindow::loadCertificateTable() {
-    foreach(const Certificate &cert, certList.getCertificates()) {
+    foreach(const Certificate &cert, mCertList.getCertificates()) {
         certificateModel->addCertificate(cert, true);
     }
     certificateView->resizeColumnsToContents();
--- a/ui/administratorwindow.h	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/administratorwindow.h	Wed Apr 23 14:00:38 2014 +0200
@@ -32,6 +32,16 @@
 public:
     AdministratorWindow();
 
+    /** @brief obtain a const reference to the certificate List
+     * @returns the current certificatelist
+     */
+    const CertificateList& certList() const {return mCertList;}
+
+    /** @brief get the settings for this application
+     * @returns a reference the applications settings object
+     */
+    QSettings* settings() {return &mSettings;}
+
 private slots:
     void createInstaller();
     void showAbout();
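Review bot: The doc comment on `settings()` says it returns a reference, but the accessor returns a mutable `QSettings*` to a private member. The comment should state that, for example `@returns a pointer to the application's settings object; callers may write to it, the window keeps ownership`. If callers only need the "LastCert" key that the dialog reads and writes, a narrower getter/setter pair would keep the rest of the settings private to the window.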
@@ -48,12 +58,12 @@
     void loadCertificateTable();
     void addToCertificateTable(const QList<Certificate> &certs);
 
-    QSettings settings;
+    QSettings mSettings;
 
     QMenuBar *menuBar;
 
     QTableView *certificateView;
-    CertificateList certList;
+    CertificateList mCertList;
     CertificateTabelModel *certificateModel;
     QPushButton *saveButton;
     QPushButton *loadButton;
--- a/ui/createcertlistdialog.cpp	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/createcertlistdialog.cpp	Wed Apr 23 14:00:38 2014 +0200
@@ -6,7 +6,11 @@
  * See LICENSE.txt for details.
  */
 #include "createcertlistdialog.h"
+#include "sslhelp.h"
+#include "administratorwindow.h"
+
 #include <QDebug>
+#include <QMessageBox>
 #include <QDir>
 #include <QPushButton>
 #include <QGroupBox>
@@ -16,12 +20,17 @@
 #include <QFileDialog>
 #include <QStandardPaths>
 
-CreateCertListDialog::CreateCertListDialog(QMainWindow *parent) :
-    QDialog(parent)
+#include <polarssl/pk.h>
+
+CreateCertListDialog::CreateCertListDialog(AdministratorWindow *parent) :
+    QDialog(parent),
+    mAdminWindow(parent),
+    mPk(NULL)
 {
     setWindowTitle(tr("Save certificate list"));
     setupGUI();
     resize(500, 200);
+    mCertFile->setText(mAdminWindow->settings()->value("LastCert", QString()).toString());
 }
 
 void CreateCertListDialog::setupGUI()
@@ -70,10 +79,8 @@
 
     QString footerText = tr("In addition, each certificate list will be saved "
         "automatically in the archive directory:\n");
-    // TODO print out the path, not the displayName.
     footerText.append(QStandardPaths::writableLocation(
         QStandardPaths::DataLocation));
-    //footerText.append(QStandardPaths::displayName(QStandardPaths::DataLocation));
     QLabel *footer = new QLabel(footerText);
 
     centerLayout->addLayout(labelLayout);
@@ -105,11 +112,35 @@
     return;
 }
 
+void CreateCertListDialog::showErrorMessage(const QString &msg)
+{
+    QMessageBox::warning(this, tr("Error!"), msg);
+}
+
 void CreateCertListDialog::openCertificateSelect()
 {
     QString certFile = QFileDialog::getOpenFileName(
-        this, tr("Select certificate"), QDir::homePath(), "*.pem *.der *.crt");
+        this, tr("Select certificate"), mCertFile->text().isEmpty() ?
+        QDir::homePath() : mCertFile->text(), "*.pem");
     mCertFile->setText(certFile);
+
+    mAdminWindow->settings()->setValue("LastCert", certFile);
+
+    if (mPk != NULL) {
+        pk_free(mPk);
+        delete mPk;
+        mPk = NULL;
+    }
+
+    mPk = new pk_context;
+    pk_init(mPk);
+    int ret = pk_parse_keyfile(mPk, mCertFile->text().toLocal8Bit().constData(), "");
+
+    if (ret != 0) {
+        showErrorMessage(tr("Failed to load certificate: %1")
+                .arg(getPolarSSLErrorMsg(ret)));
+        return;
+    }
 }
 
 void CreateCertListDialog::openSaveLocation()
@@ -121,6 +152,9 @@
 
 void CreateCertListDialog::createList()
 {
+    //entropy_context mEntropy;
+    //ctr_drbg_context mCtr_drbg;
+
     qDebug() << "and now create the certificate list using:";
     qDebug() << "certificate: " << mCertFile->text();
     qDebug() << "target" << mSaveFile->text();
--- a/ui/createcertlistdialog.h	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/createcertlistdialog.h	Wed Apr 23 14:00:38 2014 +0200
@@ -11,12 +11,15 @@
 #include <QDialog>
 #include <QMainWindow>
 #include <QLineEdit>
+
+#include <polarssl/pk.h>
 /**
  * @file createinstallerdialog.h
  * @brief The dialog to show settings and create an installer.
  */
 
 class QListWidget;
+class AdministratorWindow;
 
 class CreateCertListDialog : public QDialog
 {
@@ -25,18 +28,35 @@
     /** @brief Create a dialog showing settings for the create certificate list
      * process
      * */
-    CreateCertListDialog(QMainWindow *parent);
+    CreateCertListDialog(AdministratorWindow *parent);
 
 private:
     void setupGUI();
 
     QLineEdit *mCertFile;
     QLineEdit *mSaveFile;
+    AdministratorWindow *mAdminWindow;
+
+    pk_context *mPk;
 
 private slots:
+    /** @brief Open the certificate selection dialog and parse the certificate
+     *
+     * If the certificate can be parsed mPk is replaced by the new key
+     * otherwise an error message is shown to the user.
+     */
     void openCertificateSelect();
     void openSaveLocation();
+    /** @brief create a valid certificate list file
+     *
+     * The contents of the certificate list is the certificatelist
+     * of the adminWindow. It is signed with the currently
+     * loaded certificate in mPk. On errors the user is
+     * informed with showErrorMessage */
     void createList();
+
+    /** @brief show an error message with QMessageBox */
+    void showErrorMessage(const QString&msg);
 };
 
 #endif // CREATECERTLISTDIALOG_H
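Review bot: `pk_context *mPk` is an owning raw pointer to parsed private-key material, yet no destructor is declared in the visible part of the class, so the context allocated in `openCertificateSelect()` appears never to be released when the dialog is destroyed. Declaring `~CreateCertListDialog();` and having it run `if (mPk) { pk_free(mPk); delete mPk; }` would free the key together with the dialog. The class header starts above this hunk, so an existing destructor there cannot be ruled out. The slot documentation also calls the loaded file a certificate although it is parsed with `pk_parse_keyfile`; saying "signing key" would describe what `mPk` holds.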
--- a/ui/l10n/administrator_de_DE.ts	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/l10n/administrator_de_DE.ts	Wed Apr 23 14:00:38 2014 +0200
@@ -176,8 +176,8 @@
 <context>
     <name>CreateCertListDialog</name>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="22"/>
-        <location filename="../createcertlistdialog.cpp" line="39"/>
+        <location filename="../createcertlistdialog.cpp" line="30"/>
+        <location filename="../createcertlistdialog.cpp" line="48"/>
         <source>Save certificate list</source>
         <translation>Zertifikatsliste speichern</translation>
     </message>
@@ -195,33 +195,43 @@
         <translation type="obsolete">Liste signieren</translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="41"/>
+        <location filename="../createcertlistdialog.cpp" line="50"/>
         <source>Save all managed root certificates in a new, signed certificate list.</source>
         <translation type="unfinished"></translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="71"/>
+        <location filename="../createcertlistdialog.cpp" line="80"/>
         <source>In addition, each certificate list will be saved automatically in the archive directory:
 </source>
         <translation type="unfinished"></translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="83"/>
+        <location filename="../createcertlistdialog.cpp" line="90"/>
         <source>Save list</source>
         <translation type="unfinished">Liste speichern</translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="85"/>
+        <location filename="../createcertlistdialog.cpp" line="92"/>
         <source>Cancel</source>
         <translation>Abbrechen</translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="111"/>
+        <location filename="../createcertlistdialog.cpp" line="117"/>
+        <source>Error!</source>
+        <translation type="unfinished"></translation>
+    </message>
+    <message>
+        <location filename="../createcertlistdialog.cpp" line="123"/>
         <source>Select certificate</source>
         <translation type="unfinished">Zertifikat auswählen</translation>
     </message>
     <message>
-        <location filename="../createcertlistdialog.cpp" line="118"/>
+        <location filename="../createcertlistdialog.cpp" line="140"/>
+        <source>Failed to load certificate: %1</source>
+        <translation type="unfinished"></translation>
+    </message>
+    <message>
+        <location filename="../createcertlistdialog.cpp" line="149"/>
         <source>Select target location</source>
         <translation type="unfinished"></translation>
     </message>
--- a/ui/sslconnection.cpp	Wed Apr 23 14:00:10 2014 +0200
+++ b/ui/sslconnection.cpp	Wed Apr 23 14:00:38 2014 +0200
@@ -8,6 +8,7 @@
 /* TODO: Wrap ssl_session in a class for reuse.
  * see programs/ssl/ssl_client2.c for example of session reuse */
 #include "sslconnection.h"
+#include "sslhelp.h"
 
 #include <QFile>
 #include <QUuid>
@@ -24,14 +25,6 @@
 }
 #endif
 
-QString getErrorMsg(int ret)
-{
-    char errbuf[255];
-    polarssl_strerror(ret, errbuf, 255);
-    errbuf[254] = '\0'; /* Just to be sure */
-    return QString::fromLatin1(errbuf);
-}
-
 SSLConnection::SSLConnection(const QString& url,
                              const QByteArray& certificate):
     mUrl(url),
@@ -57,7 +50,7 @@
     if (ret == 0) {
         mInitialized = true;
     } else {
-        qDebug() << "Initialization error: " + getErrorMsg(ret);
+        qDebug() << "Initialization error: " + getPolarSSLErrorMsg(ret);
     }
 }
 
@@ -152,7 +145,7 @@
                   mUrl.port(443));
 
     if (ret != 0) {
-        qDebug() << "Connect failed: " << getErrorMsg(ret);
+        qDebug() << "Connect failed: " << getPolarSSLErrorMsg(ret);
         mErrorState = NoConnection;
         return ret;
     }
@@ -163,7 +156,7 @@
     while ((ret = ssl_handshake(&mSSL)) != 0) {
         if (ret != POLARSSL_ERR_NET_WANT_READ &&
                 ret != POLARSSL_ERR_NET_WANT_WRITE) {
-            qDebug() << "SSL Handshake failed: " << getErrorMsg(ret);
+            qDebug() << "SSL Handshake failed: " << getPolarSSLErrorMsg(ret);
             mErrorState = SSLHandshakeFailed;
             return ret;
         }
@@ -171,7 +164,7 @@
 
     ret = ssl_get_session(&mSSL, &mSavedSession);
     if (ret != 0) {
-        qDebug() << "SSL get session failed: " << getErrorMsg(ret);
+        qDebug() << "SSL get session failed: " << getPolarSSLErrorMsg(ret);
 
         mErrorState = NoConnection;
         return ret;
@@ -257,7 +250,7 @@
     if (mNeedsReset) {
         ret = reset();
         if (ret != 0) {
-            qDebug() << "Reset failed: " << getErrorMsg(ret);
+            qDebug() << "Reset failed: " << getPolarSSLErrorMsg(ret);
             return ret;
         }
     }
@@ -301,7 +294,7 @@
     if (ret != 0)
     {
         qDebug() << "SSL Connection reset failed: "
-                 << getErrorMsg(ret);
+                 << getPolarSSLErrorMsg(ret);
         return ret;
     }
 
@@ -312,7 +305,7 @@
 
     if (ret != 0) {
         mErrorState = NoConnection;
-        qDebug() << "Connection failed." << getErrorMsg(ret);
+        qDebug() << "Connection failed." << getPolarSSLErrorMsg(ret);
         return ret;
     }
 
@@ -320,7 +313,7 @@
         if (ret != POLARSSL_ERR_NET_WANT_READ &&
                 ret != POLARSSL_ERR_NET_WANT_WRITE) {
             qDebug() << "SSL Handshake failed: "
-                 << getErrorMsg(ret);
+                 << getPolarSSLErrorMsg(ret);
             mErrorState = SSLHandshakeFailed;
             return ret;
         }
@@ -356,7 +349,7 @@
             tries++;
         }
         if (ret <= 0) {
-            qDebug() << "Read failed: " << getErrorMsg(ret);
+            qDebug() << "Read failed: " << getPolarSSLErrorMsg(ret);
             return QByteArray();
         }
         if (len < (len - (unsigned int) ret)) {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ui/sslhelp.cpp	Wed Apr 23 14:00:38 2014 +0200
@@ -0,0 +1,16 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+#include "sslhelp.h"
+
+QString getPolarSSLErrorMsg(int ret)
+{
+    char errbuf[1020];
+    polarssl_strerror(ret, errbuf, 1020);
+    errbuf[1020] = '\0'; /* Just to be sure */
+    return QString::fromLatin1(errbuf);
+}
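Review bot: `errbuf[1020] = '\0';` writes one byte past the end of `char errbuf[1020]`, whose last valid index is 1019. The removed `getErrorMsg` used index 254 for a 255-byte buffer; the index was not adjusted to match when the size was raised. Deriving both values from the array avoids the mismatch: `polarssl_strerror(ret, errbuf, sizeof(errbuf));` followed by `errbuf[sizeof(errbuf) - 1] = '\0';`.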
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/ui/sslhelp.h	Wed Apr 23 14:00:38 2014 +0200
@@ -0,0 +1,23 @@
+/* Copyright (C) 2014 by Bundesamt für Sicherheit in der Informationstechnik
+ * Software engineering by Intevation GmbH
+ *
+ * This file is Free Software under the GNU GPL (v>=2)
+ * and comes with ABSOLUTELY NO WARRANTY!
+ * See LICENSE.txt for details.
+ */
+
+
+/**
+ * @file sslhelp.h
+ * @brief Helper functions to combine Qt with Polarssl
+ */
+#include <polarssl/error.h>
+
+#include <QString>
+
+/** @brief get a human readable error message for a polarssl return code
+ *
+ * @param [in] ret A polarssl error code
+ * @returns A QString representation of that error
+ */
+QString getPolarSSLErrorMsg(int ret);
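Review bot: The new header has no include guard, unlike `createcertlistdialog.h`, which ends with `#endif // CREATECERTLISTDIALOG_H`. It holds only a declaration today, so double inclusion is harmless, but wrapping the contents in `#ifndef SSLHELP_H` / `#define SSLHELP_H` … `#endif // SSLHELP_H` keeps it consistent and safe once inline helpers or types are added.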

http://wald.intevation.org/projects/trustbridge/